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ABSTRACT 


The  world  has  entered  the  Third  Wave;  it  has  entered  the  Information  Age.  One  of 
the  fundamentals  of  this  paradigm  shift  is  the  fact  that  information  is  power.  The  side 
that  controls  information  most  effectively  will  be  victorious.  Thus,  countries  and 
militaries  must  change  their  mentality  in  order  to  survive.  A  new  form  of  conflict. 
Information  Warfare,  has  been  bom.  This  new  discipline  is  large,  dynamic,  and  complex. 

The  need  exists  for  education  among  military  officers  and  other  concerned 
professionals  throughout  the  country.  This  thesis  helps  to  bridge  the  education  gap.  It 
presents  a  snapshot  of  Information  Warfare  today,  exploring  many  different  avenues  and 
possibilities  along  the  way.  The  first  half  of  the  document  is  focused  on  Information 
Warfare  in  general,  and  the  second  half  deals  specifically  with  the  offensive  side. 

The  purpose  of  this  thesis  is  not  to  present  an  all-encompassing  view  of  Offensive 
Information  War  or  even  of  Information  Warfare  in  general.  The  field  of  Information 
Warfare  is  too  big  for  any  one  individual  or  organization  to  fully  comprehend  all  of  its 
intricacies.  Indeed,  due  to  the  dynamic  nature  of  this  discipline,  chances  are  that  some,  or 
maybe  even  all,  of  the  material  contained  herein  will  be  obsolescent  upon  publication. 

The  goal  of  the  thesis  is  to  present  one  view  of  Information  Warfare,  as  seen  through  the 
eyes  of  many.  The  hope  is  that  some  benefit  will  be  garnered  by  the  reader,  even  if  it  only 
sparks  an  idea  or  helps  to  understand  the  importance  of  this  growing  warfare  dimension. 
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EXECUTIVE  SUMMARY 


The  world  has  entered  the  Third  Wave;  it  has  entered  the  Information  Age.  One  of  the 
fundamentals  of  this  paradigm  shift  is  the  fact  that  information  is  power.  The  side  that  controls 
information  more  effectively  will  be  victorious.  Thus,  coimtries  and  militaries  must  change  their 
mentality  in  order  to  survive.  A  new  form  of  conflict,  Information  Warfare,  has  been  bom.  This 
new  discipline  is  large,  dynamic,  and  complex. 

In  keeping  with  this  ongoing  revolution,  the  need  exists  for  education  among  military 
officers  and  other  concerned  professionals  througout  the  coimtry.  This  thesis  helps  to  bridge  the 
education  gap.  It  presents  a  shapshot  of  Information  Warfare  today,  exploring  many  different 
avenues  and  possibilities  along  the  way.  Roughly  the  first  half  of  the  document  is  focused  on 
Information  Warfare  in  general.  The  second  half  deals  specifically  with  Offensive  Information 
Warfare. 

Like  it  or  not.  Information  Warfare  is  a  reality  today.  It  is  not  a  fad  that  will  disappear  in 
a  few  years  (or  even  in  the  foreseeable  future).  In  its  most  basic  form.  Information  Warfare  has 
been  around  for  a  long  time.  Technology  has  been  one  of  the  major  driving  factors  in  the  current 
paradigm  shift  to  the  Information  Age.  Understanding  the  enemy’s  cognitive  process  and 
infrastmcture  are  essential  for  effective  employment  of  Information  Warfare  as  a  weapon.  These 
are  the  major  points  of  Chapter  I.  Most  will  be  visited  again  in  more  detail  in  later  chapters. 

Chapter  II  concentrates  on  definitions  related  to  Information  Warfare.  This  is  perhaps  the 
area  of  most  concern  and  dissension.  Fundamental  to  a  successful  manipulation  of  any  weapon 
is  understanding  it.  Part  of  the  process  of  understanding  that  weapon  is  knowing  its  language. 
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There  are  any  number  of  interpretations  of  the  IW  language,  and  this  fact  only  complicates  the 
problem  further. 

Chapter  III  addresses  the  people,  places,  and  things  of  IW.  It  talks  about  the  players 
involved  in  the  process,  from  the  Executive  Branch  to  the  Department  of  Defense  (DOD)  to 
commercial  entities.  While  not  every  possible  organization  can  be  addressed,  the  reader  should 
be  able  to  get  a  good  feel  for  the  scope  and  breadth  of  efforts. 

The  next  chapter,  Chapter  IV,  discusses  the  role  of  technology  in  IW.  The  rapid 
technological  explosion,  with  no  apparent  end  in  sight,  contributes  significantly  to  the  potential 
of  Information  Warfare.  Not  only  are  some  of  the  technologies  themselves  reviewed,  but  also  the 
execution  of  the  paradigm  shift,  in  the  form  of  such  things  as  the  Global  Information 
Infrastructure  (GII),  is  scrutinized.  Finally,  the  chapter  concludes  with  an  examination  of  some 
of  the  current  trends  in  the  IW  field. 

While  the  first  four  chapters  concentrate  mostly  on  essential  background  material. 

Chapter  V  begins  to  delve  into  the  major  focus  of  this  thesis:  Offensive  Information  Warfare 
(OIW).  The  basic  definition  of  OIW,  first  presented  in  Chapter  II,  is  reviewed  and  expanded. 
Potential  reasons  that  would  provoke  the  use  of  OIW  are  explored.  Some  tools  that  could  be 
used  for  OIW  attacks  are  discussed. 

Chapters  VI  forms  the  heart  of  the  thesis.  Up  to  this  point  in  the  thesis,  periodic 
references  have  been  made  to  the  important  role  of  a  country’s  infrastructure  in  determining  the 
outcome  of  a  conflict.  The  chapter  defines  a  generic  infrastructure  that  is  necessarily  broad  in 
scope  yet  useful  for  any  number  of  situations.  The  discussion  includes  some  specifics  in  using 
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the  template.  Various  levels  of  employing  01 W  against  the  template  are  discussed.  These  levels 
range  from  force  structures  to  time  lines  to  Measures  of  Effectiveness  (MOEs). 

Chapter  VII  is  a  critical  review  of  the  difficult  issues  surrounding  the  use  of  OIW. 
Included  in  the  discussion  are  political,  legal,  economic,  and  moral  dilemmas.  Other  problems 
discussed  include  military  considerations,  repercussions,  and  coalition  OIW  operations.  For 
example,  how  does  one  coordinate  an  OIW  attack  with  an  ally  that  may  one  day  be  an  enemy? 

Finally,  Chapter  VIII  presents  a  review  of  the  thesis  and  some  recommendations  on  IW 
for  the  United  States.  Included  are  discussions  on  definitions,  organi2ations,  weapons  and 
tactics,  and  issues.  As  IW  endeavors  increase,  so  will  the  number  of  problems.  Only  by  tackling 
the  hardest  issues  head-on  will  one  begin  to  see  a  decrease  in  confusion  and  an  increase  in 
productivity.  This  is  by  no  means  an  easy  task,  yet  one  that  is  essential  to  success. 

The  purpose  of  this  thesis  is  not  to  present  an  all-encompassing  view  of  Offensive 
Information  War  or  even  of  Information  Warfare  in  general.  The  field  of  Information  Warfare 
is  too  big  for  any  one  individual  or  organization  to  fully  comprehend  all  of  its  intricacies.  That  is 
not  the  purpose  of  this  thesis.  Indeed,  due  to  the  dynamic  nature  of  this  discipline,  chances  are 
that  some,  or  maybe  even  all,  of  the  material  contained  herein  will  be  obsolescent  upon 
publication.  Instead,  the  goal  of  the  thesis  is  to  present  one  view  of  Information  Warfare,  as  seen 
through  the  eyes  of  many.  The  hope  is  that  some  benefit  will  be  garnered  by  the  reader,  even  if  it 
only  sparks  an  idea  or  helps  to  understand  the  importance  of  this  rapidly  growing  warfare 
dimension. 
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1.  INTRODUCTION 


A.  THE  CHANGING  FACE  OF  WARFARE 

Information  has  played  a  significant  role  in  determining  the  outcome  of  armed  conflict 
throughout  history.  Starting  with  the  Punic  Wars  and  continuing  to  the  high-tech  wars  of  the 
1990's,  information  has  been  a  critical  factor.  In  almost  every  major  historical  period,  at  least 
one  example  can  be  found.  For  brevity’s  sake,  only  a  few  of  the  more  celebrated  examples  will 
be  reviewed. 

Perhaps  the  earliest  recorded  use  of  decisive  information  exploitation  occurred  in  the 
second  century  B.C.  with  Hannibal  during  the  Second  Punic  War.  Hannibal  maintained  a  series 
of  hilltop  sentries  armed  with  mirrors  who  would  relay  information  concerning  Roman  troop 
movements  to  him.  Such  superior  knowledge  of  the  enemy  gave  Hannibal  a  decisive  edge  for 
many  years.  In  fact,  it  helped  him  to  defeat  a  Roman  army  twice  the  size  of  his  at  the  Battle  of 
Lake  Trasimene.[Ref  1] 

One  of  the  most  successful  early  users  of  information  were  the  Mongol  hordes  in  the  1 3th 
century.  They  employed  “arrow  riders”'  for  swift  communications  across  large  distances.  This 
allowed  Mongol  commanders  to  be  well-informed  about  enemy  movements.  Furthermore,  they 
intercepted  enemy  scouts  and  prevented  them  from  reporting.  As  a  result,  Muslim  commanders 
were  blind.  The  Mongols  used  this  to  their  advantage  and  enjoyed  numerous  successes  on  the 


'  Arrow  riders  are  roughly  analogous  to  the  Pony  Express  of  the  19th  century 
United  States. 
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battlefield,  most  notably  during  the  Khwarizm  campaign.  Although  superior  communication  was 
not  the  only  factor  for  the  Mongols’  success,  it  was  a  significant  one. [Ref.  1] 

Effective  use  of  information  continued  to  abound  throughout  history.  American 
Revolutionary  War  hero  General  George  Rogers  Clark  exploited  information  in  the  form  of 
deception,  coupled  with  sniping  of  British  sentries,  to  induce  a  surrender  to  his  numerically 
inferior  force.  British  naval  captain  Lord  Cochrane  used  information  to  confuse  and  dominate 
the  French  coastline  in  1798 [Ref  1].  The  invention  of  new  communication  systems,  such  as  the 
telegraph  and  the  radio  played  increasingly  important  roles  in  warfare  throughout  the  nineteenth 
and  early  twentieth  centuries.  World  War  II  saw  a  significant  advance  in  the  importance  of 
information  in  warfare,  mainly  due  to  technological  advances.  Innovations  such  as  radar  played  a 
significant  role  in  early  warning.  Codebreaking  initiatives  such  as  Ultra  and  Magic  gave  the 
allies  a  decisive  edge.  [Ref  2]  More  and  more,  the  side  that  had  the  better  information  had  the 
advantage. 

Perhaps  the  most  touted  example  of  reeent  effective  information  exploitation  occurred 
during  Operation  Desert  Storm.  Coalition  forces  targeted  Saddam  Hussein’s  Command,  Control, 
Communications,  Computers,  and  Intelligence  (C4I)  nodes.  This  left  Iraqi  forces  virtually  blind. 
At  the  same  time,  the  coalition  pooled  its  own  C4I  resources  to  ensure  their  commanders 
constantly  had  the  best  possible  battlefield  picture.  [Ref  3]  Soviet  Lieutenant  General  Bogdanov, 
Chief  of  the  General  Staff  Center  for  Operational  and  Strategic  Studies,  commented  shortly  after 
Desert  Storm, 
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Iraq  lost  the  war  before  it  even  began.  This  was  a  war  of  intelligence,  EW 
[Electronic  Warfare],  command  and  control  and  counter  intelligence.  Iraqi  troops 
were  blinded  and  deafened... Modem  war  can  be  won  by  informatika^  and  that  is 
now  vital  for  both  the  U.S.  and  USSR.[Ref.  4] 

Although  the  use  of  information  has  generally  taken  a  backseat  to  the  physical  application 
of  force  in  determining  the  outcome  of  a  conflict,  wars  of  the  future  will  be  unlike  any  we  have 
seen  in  the  past.  Desert  Storm  proved  that.  In  the  wake  of  that  conflict,  people  began  to  realize 
en  masse  that  a  dynamic  shift  in  traditional  warfighting  was  vmderway.  In  fact,  early  rumblings 
occurred  almost  15  years  earlier  when  a  Russian  officer  named  Ogarkov  foresaw  this  change.  He 
espoused  a  changing  theory  of  warfare  whereby  increasingly  mobile  commvmications  would 
encompass  a  larger  theater  of  war  with  a  decreased  timeline.  [Ref  5]  Such  is  the  trend  today. 

B.  THE  CHANGING  PARADIGM 
1.  The  Future  of  Warfare 

Imagine  the  battlefield  of  the  future  (it  is  in  fact,  not  really  a  field  at  all,  but  rather  an  Nth- 
dimensional  “battlespace”).  Nation  X  is  in  dire  straits.  People  are  starving  in  the  harsh  winter, 
the  economy  is  in  shambles,  and  discontent  is  everywhere.  The  only  thing  Nation  X’s  dictatorial 
government  has  to  bargain  with  are  nuclear  weapons.  Nation  X  demands  that  the  prosperous 
Nation  Y  immediately  send  food  and  financial  aid  or  face  the  wrath  of  nuclear  holocaust.  The 
United  Nations  (UN)  invokes  sanctions  on  Nation  X  while  calling  for  disarmament  of  their 
nuclear  weapons  and  compliance  with  international  treaties. 

Undaunted  by  Nation  X’s  threats,  a  small  team  of  Nation  Y’s  experts  sit  down  in  front  of 
their  computer  terminals.  They  penetrate  Nation  X’s  computers  and  begin  working  their  magic. 

^  Roughly  translates  from  Russian  to  ‘Information  Warfare’. 
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First,  the  computers  that  control  Nation  X’s  nuclear  weapons  cease  to  work,  for  no  apparent 
reason.  Then,  all  over  Nation  X,  strange  things  begin  happening.  Electric  power  grids  suddenly 
shutdown  for  no  reason  and  come  back  up  minutes  later  on  their  own.  Central  phone  system 
computers  go  berserk.  The  financial  institutions  see  their  funds  and  assets  disappear,  only  to 
reappear  30  minutes  later.  At  natural  gas  switching  stations  around  the  country,  operators  lose 
control  of  the  system.  On  computer  monitors  across  the  country,  the  following  message  appears, 
“You  are  in  violation  of  U.N.  resolution  1234.  Acquiesce  immediately  or  suffer  the 
consequences.” 

Concurrently,  Nation  Y  covertly  airdrops  thousands  of  tiny  sensors  across  Nation  X. 
These  sensors  interconnect  and  immediately  begin  transmitting  information.  In  short  order. 
Nation  Y  knows  exactly  how  Nation  X’s  conventional  forces  are  deployed.  The  sensors  begin 
jamming  Nation  X’s  military  and  commercial  communications.  Nation  X’s  forces  cannot 
communicate  and  are  rendered  virtually  powerless.^[Ref  6] 

Reluctantly,  Nation  X  ceases  its  belligerence.  United  Nations’  teams  enter  the  country 
and  begin  the  process  of  nuclear  disarmament.  Nation  X  revolts  and  ousts  its  dictator,  setting  in 
his  place  a  freely  elected  president.  The  world  is  safe  once  again.  Nation  Y  has  averted  global 
holocaust  with  no  lives  lost. 

The  above  scenario  is  but  one  example  of  future  warfare.  This  type  of  warfare  need  not 
be  focused  around  large  armies  or  weapons  of  mass  destruction.  In  fact,  this  type  of  warfare  need 


^  This  is  an  example  of  the  Mesh  Theory  as  advocated  by  Martin  Libicki  of  the 
National  Defense  University. 
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not  incur  any  human  fatalities.  This  type  of  warfare  is  unbounded.  It  can  happen  an5rwhere, 
anytime,  at  any  level  of  intensity.  This  is  the  future  of  warfare. 

2.  The  Third  Wave 

What  has  led  to  this  type  of  warfare?  The  answer  is  complex,  and  there  are  a  large 
number  of  reasons  for  this  complexity.  Perhaps  the  easiest  way  to  explain  this  change  is  to  say 
that  a  major  paradigm  shift  has  taken  place.  The  world  has  entered  the  Third  Wave;  it  has 
entered  the  Information  Age.  The  First  Wave  was  an  agricultural  society.  The  Second  Wave 
was  an  industrial  society.  The  Third  Wave  is  an  information  society.  At  each  paradigm  shift, 
major  changes  in  warfighting  have  taken  place.  As  the  world  enters  the  Third  Wave,  information 
is  power.  The  side  that  controls  information  most  effectively  will  be  victorious.  [Ref.  7] 

Based  on  these  radical  changes  ongoing  across  the  world  in  all  facets  of  society  in 
conjunction  with  the  paradigm  shift,  a  new  type  of  warfare  needs  to  be  defined,  molded,  and 
applied  when  necessary.  That  new  classification  is  called  Information  Warfare  tlWI.  Throughout 
the  rest  of  this  chapter,  the  term  “Information  Warfare”  will  be  used  fi-eely.  No  formal  attempts 
will  be  made  to  define  it  xmtil  the  next  chapter.  This  apparent  oversight  is  intentional.  It  is 
meant  to  provoke  the  reader  to  think,  in  his  or  her  own  mind,  “What  is  Information  War?”  This 
nebulous  question  is  a  very  controversial  and  current  topic,  and  it  is  the  focus  of  Chapter  II.  One 
should  also  note  that  IW  embraces  or  includes  any  number  of  additional  terms,  such  as 
Information-Based  Warfare,  Cyberwar,  Netwar,  Hacker  Warfare,  etc.;  each  of  these  terms  (and 
many  more)  will  be  discussed  in  detail  in  the  following  chapter. 
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c. 


WARFARE  THEORY 


The  study  of  warfare  is  a  discipline  and  a  science  onto  itself  Numerous  tomes  and 
dissertations  have  been  written  on  the  theoretical  ways  that  warfare  should  be  waged.  These 
writings  range  anywhere  from  the  scientific  to  the  intuitive.  They  have  formed  the  core  of 
military  leadership  training  for  generations.  Despite  the  radical  paradigm  shift  in  warfare  that  is 
ongoing,  there  is  still  room  for  some  of  the  classic  works. 

1.  Traditional  Views  of  Warfare 

Several  of  the  “great  classic  thinkers”  of  warfare  theory  wrote  about  Information  Warfare 
without  calling  it  such.  In  each  case,  the  role  of  information  was  emphasized  as  a  decisive  factor 
in  waging  war.  To  make  the  point,  the  works  of  two  such  thinkers,  Sun  Tzu  and  Clausewitz,  will 
be  examined. 

One  of  the  greatest  military  thinkers  ever  was  Sun  Tzu,  an  extremely  foresighted  general 
in  ancient  China.  The  fact  that  his  thoughts  are  still  largely  applicable  23  centuries  later  is  a 
testament  to  the  power  of  his  work.  One  of  his  best  known  quotes  is  “Know  the  enemy  and 
know  yourself;  in  a  hundred  battles,  you  will  never  be  defeated”.  [Ref  8]  The  implication  of 
information  dominance  is  clear.  Although  the  actual  execution  of  warfare  is  radically  different 
today,  the  basic  premise  remains  the  same.  One  has  already  seen  uses  of  information 
exploitation  throughout  history.  Third  Wave  thinking  only  accentuates  Sun  Tzu’s  words. 

A  second  example  can  be  found  in  the  works  of  Clausewitz,  a  Prussian  military  strategist 
of  the  19th  century.  He  defined  information  as  “the  foundation  of  all  of  our  ideas  and 
actions”.  [Ref  9]  Most  of  his  discourse  on  information  is  spent  talking  about  how  information 
can  be  corrupted,  how  the  commander  should  be  wary  of  all  information,  etc.  Yet  the  power  of 
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his  argument  can  be  a  modem  interpretation  of  the  above  quote;  information  forms  the 
foundation  upon  which  all  of  a  military  commander’s  decisions  rest.  If  one  can  break  this 
foimdation,  the  commander  is  powerless.  At  the  same  time,  that  commander  must  take  steps  to 
protect  the  foundation.  Protecting  and  destroying  or  manipulating  that  foundation  is  one  example 
of  Information  Warfare.  Defining  exactly  what  that  foundation  is  and  how  to  break  it  is  one  of 
the  primary  focuses  of  this  thesis. 

2.  Role  of  Technology  in  Warfare 

By  now,  one  can  see  the  importance  that  information  plays  in  warfare.  One  should  also 
see  another  common  thread:  the  increasing  importance  of  information  in  warfare  runs  parallel  to 
advances  in  technology.  Martin  Van  Creveld,  a  noted  historian  and  respected  author,  preaches 
the  importance  of  technology  in  warfare: 

[W]ar  is  completely  permeated  by  technology  and  governed  by  it.  The  causes  that 
lead  to  wars,  and  the  goals  for  which  they  are  fought;  the  blows  with  which 
campaigns  open,  and  the  victories  with  which  they  (sometimes)  end;  the 
relationship  between  the  armed  forces  and  the  societies  that  they  serve;  plaiming, 
preparation,  execution,  and  evaluation;... even  the  very  conceptual  fi"ameworks 
employed  by  our  brains  in  order  to  think  about  war  and  its  conduet--not  one  of 
these  is  immime  to  the  impact  that  technology  has  had  and  does  have  and  will 
have.  [Ref  10] 

This  is  a  powerful  statement  about  the  role  of  technology  in  warfare.  Technology  plays  a 
role  in  every  facet  of  warfare  and  always  will.  Technology  has  been  one  of  the  major 
contributors  (if  not  the  major  contributor)  in  the  transition  to  the  Information  Age.  Technology  is 
the  driving  force  of  Information  Warfare  just  as  Information  Warfare  is  a  slave  to  technology. 

The  two  cannot  be  separated;  one  must  understand  the  state  of  technology  in  order  to  effectively 
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understand  Information  Warfare.  Throughout  this  thesis,  the  role  of  technology  will 
continuously  be  addressed.  It  is  also  the  focus  of  Chapter  IV. 

3.  Importance  of  the  Cultural  Dimension 

As  seen  earlier  in  the  Clausewitz  discussion,  exposing  the  enemy’s  information 
foundation  is  the  crux  of  Information  Warfare.  Sun  Tzu  stressed  “knowing  your  enemy  as 
yourself ’[Ref.  8].  This  involves  getting  inside  the  enemy’s  thought  process.  It  means 
understanding  how  the  enemy  thinks.  This  is  no  easy  task.  People  think  differently.  A 
substantial  part  of  understanding  an  enemy’s  thinking  is  to  understand  his  environment. 

Different  regions  of  the  world  have  different  beliefs,  customs,  and  environments,  and  thus  they 
have  different  thought  processes.  The  effective  commander  will  understand  his  counterpart’s 
environment  and  how  it  can  be  manipulated  to  his  advantage. 

Information  Warfare  is  no  different,  and,  in  fact,  can  be  more  challenging.  For  example, 
a  potential  hostile  nation  may  configure  its  telecommimications  network  in  a  seemingly  senseless 
manner.  If  one  is  going  to  penetrate  that  network,  one  needs  to  understand  the  rationale  behind 
the  network’s  structure.  Only  then  can  it  be  exploited  in  an  optimal  fashion.  This  is  one  of  the 
greatest  (and  most  important)  challenges  facing  those  who  would  wage  Information  Warfare. 

4.  Center  of  Gravity 

Carrying  the  Clausewitz  argument  one  step  further,  the  information  foundation  can  be 
viewed  as  an  infrastructure'*.  While  not  elaborating  on  the  organization  of  this  infrastructure,  one 
can  say  that  attempts  to  break  this  foundation  are  attempts  to  destroy  Centers  of  GravitvtCOGST 

'*  The  exact  definition  of  “infrastructure”  in  the  context  of  this  thesis  is  the  focus 
of  Chapter  VI. 
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Joint  Publication  0-1  defines  Center  of  Gravity  as  “[t]hat  characteristic,  capability,  or  locality 
from  which  a  military  force,  nation,  or  alliance  derives  its  freedom  of  action,  physical  strength,  or 
will  to  fight.  It  exists  at  the  strategic,  operational,  and  tactical  levels  of  war”.  [Ref  1 1]  Thus,  in 
order  to  effectively  use  Information  Warfare  against  an  enemy’s  infrastructure,  one  must 
imderstand  where  the  Centers  of  Gravity  lie.  They  are  the  weak  links  that  can  be  exploited. 

D.  THE  IMPORTANCE  OF  INFORMATION  WARFARE 

The  burgeoning  field  of  Information  Warfare  presents  new  opportunities  as  well  as 
potentially  deadly  traps  for  the  military  commander.  Warfare  can  now  be  waged  in  seconds 
across  thousands  of  miles  with  no  loss  of  life  while  leaving  little  trace  of  the  attacker.  Yet, 
effective  employment  of  IW  involves  a  radical  shift  in  traditional  thinking  (not  always  an  easy 
task,  but  an  essential  one  in  this  case).  As  the  transition  to  the  Information  Age  becomes  more 
pronounced,  new  methods  must  be  devised  to  defeat  old  enemies  and  new  protections  created  to 
defend  old  systems.  Some  actions  are  already  underway  in  these  areas.  These  efforts  need  to  be 
intensified.  This  thesis  hopes  to  offer  insight  into  possible  ways  of  accomplishing  some  of  these 
tasks. 

E.  FRAMEWORK  FOR  INFORMATION  WARFARE  AS  A  WEAPON 

Like  it  or  not.  Information  Warfare  is  a  reality  today.  It  is  not  a  fad  that  will  disappear  in 
a  few  years  (or  even  in  the  foreseeable  future).  In  its  most  basic  form.  Information  Warfare  has 
been  around  for  a  long  time.  Technology  has  been  one  of  the  major  driving  factors  in  the  current 
paradigm  shift  to  the  Information  Age.  Understanding  the  enemy’s  cognitive  process  and 
infrastructure  are  essential  for  effective  employment  of  Information  Warfare  as  a  weapon.  These 
are  the  major  points  of  Chapter  I.  Most  will  be  visited  again  in  more  detail  in  later  chapters. 
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Chapter  II  concentrates  on  definitions  related  to  Information  Warfare.  This  is  perhaps  the 
area  of  most  concern  and  dissension.  Fundamental  to  a  successful  manipulation  of  any  weapon 
is  understanding  it.  Part  of  the  process  of  understanding  that  weapon  is  knowing  its  language. 
There  are  any  number  of  interpretations  of  the  IW  language,  and  this  fact  only  complicates  the 
problem  further. 

Chapter  III  addresses  the  people,  places,  and  things  of  IW.  It  talks  about  the  players 
involved  in  the  process,  from  the  Executive  Branch  to  the  Department  of  Defense  (DOD)  to 
commercial  entities.  While  not  every  possible  organization  can  be  addressed,  the  reader  should 
be  able  to  get  a  good  feel  for  the  scope  and  breadth  of  efforts. 

The  next  chapter.  Chapter  IV,  discusses  the  role  of  technology  in  IW.  The  rapid 
technological  explosion,  with  no  apparent  end  in  sight,  contributes  significantly  to  the  potential 
of  Information  Warfare.  Not  only  are  some  of  the  technologies  themselves  reviewed,  but  also  the 
execution  of  the  paradigm  shift,  in  the  form  of  such  things  as  the  Global  Information 
Infrastructure  (GII),  is  scrutinized.  Finally,  the  chapter  conncludes  with  an  examination  of  some 
of  the  current  trends  in  the  IW  field. 

While  the  first  four  chapters  concentrate  mostly  on  essential  background  material. 

Chapter  V  begins  to  delve  into  the  major  focus  of  this  thesis:  Offensive  Information  Warfare 
(OIW).  The  basic  definition  of  OIW,  first  presented  in  Chapter  II,  is  reviewed  and  expanded. 
Potential  reasons  that  would  provoke  the  use  of  OIW  are  explored.  Some  tools  that  could  be 
used  for  OIW  attacks  are  discussed. 

Chapters  VI  forms  the  heart  of  the  thesis.  Up  to  this  point  in  the  thesis,  periodic 
references  have  been  made  to  the  important  role  of  a  country’s  infrastructure  in  determining  the 
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outcome  of  a  conflict.  The  chapter  defines  a  generic  infrastructure  that  is  necessarily  broad  in 
scope  yet  useful  for  any  number  of  situations.  The  discussion  includes  some  specifics  in  using 
the  template.  Various  levels  of  employing  OIW  against  the  template  are  discussed.  These  levels 
range  from  force  structures  to  time  lines  to  Measures  of  Effectiveness  (MOEs). 

Chapter  VII  is  a  critical  review  of  the  difficult  issues  surrounding  the  use  of  OIW. 
Included  in  the  discussion  are  political,  legal,  economic,  and  moral  dilemmas.  Other  problems 
discussed  include  military  considerations,  repercussions,  and  coalition  OIW  operations.  For 
example,  how  does  one  coordinate  an  OIW  attack  with  an  ally  that  may  one  day  be  an  enemy? 

Finally,  Chapter  VIII  presents  a  review  of  the  thesis  and  some  recommendations  on  IW 
for  the  United  States.  Included  are  discussions  on  definitions,  organizations,  weapons  and 
tactics,  and  issues.  As  IW  endeavors  increase,  so  will  the  number  of  problems.  Only  by  tackling 
the  hardest  issues  head-on  will  one  begin  to  see  a  decrease  in  confusion  and  an  increase  in 
productivity.  This  is  by  no  means  an  easy  task,  yet  one  that  is  essential  to  success. 

The  purpose  of  this  thesis  is  not  to  present  an  all-encompassing  view  of  Offensive 
Information  War  or  even  of  Information  Warfare  in  general.  The  field  of  Information  Warfare 
is  too  big  for  any  one  individual  or  organization  to  fully  comprehend  all  of  its  intricacies.  That  is 
not  the  purpose  of  this  thesis.  Indeed,  due  to  the  dynamic  nature  of  this  discipline,  chances  are 
that  some,  or  maybe  even  all,  of  the  material  contained  herein  will  be  obsolescent  upon 
publication.  Instead,  the  goal  of  the  thesis  is  to  present  one  view  of  Information  Warfare,  as  seen 
through  the  eyes  of  many.  The  hope  is  that  some  benefit  will  be  garnered  by  the  reader,  even  if  it 
only  sparks  an  idea  or  helps  to  imderstand  the  importance  of  this  rapidly  growing  warfare 
dimension. 
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II.  DEFINING  INFORMATION  WARFARE 


A.  WHAT  IS  INFORMATION  WARFARE? 

Defining  Information  Warfare  (IW)  is  a  very  complex  task,  perhaps  an  impossible  one. 
There  are  any  number  of  different  views  and  perspectives.  These  various  arguments  can  get  very 
complicated,  very  quickly.  They  range  from  the  very  basic  and  trite  (so  that  the  average  man  or 
woman  on  the  street  can  understand)  to  the  very  profotmd  and  philosophical  (introducing  such 
higher  thinking  concepts  as  Complexity  Theory,  Decision  Theory,  Utility  Methods,  etc.). 

The  goal  of  this  chapter  is  to  expose  the  reader  to  some  of  the  many  different  perspectives 
and  definitions  in  the  field  of  Information  Warfare.  Therefore,  various  definitions  and  views  of 
the  subject  will  be  presented  from  a  wide  variety  of  entities.  At  first,  this  approach  may  seem 
confusing,  monotonous,  and  perhaps  not  very  useful.  However,  the  goal  is  not  to  have  the  reader 
memorize  a  bimch  of  definitions,  but  rather  it  is  to  show  the  reader  how  large  and  diverse  the 
discipline  of  Information  Warfare  really  is.  At  the  same  time,  some  common  trends  and  mistakes 
can  be  seen  that  can  be  used  to  form  a  common  view,  although  not  a  perfect  definition. 

Perhaps  the  greatest  challenge  facing  the  players  in  the  Information  Warfare  realm  is 
definitions.  In  fact,  defining  Information  Warfare  is  one  of  the  hottest  items  in  government 
circles  today.  Everyone  is  trying  to  define  IW  in  their  own  imique  way.  Why?  What  is  so 
important  about  definitions?  Some  would  argue  that  definitions  are  not  really  important.  If  the 
main  sticking  point  is  definitions,  push  them  aside  and  get  to  something  more  tangible  and 
productive.  The  author  would  argue  definitions  are  important.  Only  when  organizations  are 
speaking  a  common  language  (as  defined  by  common  terms  and  definitions)  is  full  efficiency 
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reached.  At  the  same  time,  one  should  realize  that  such  utopian  ideas  are  not  achievable  in 
today’s  world.  Still,  some  commonality  could  and  should  be  reached.  As  shall  be  seen,  there 
exists  today  any  number  of  different  views  that  need  to  be  consolidated.  Although  the  various 
entities  involved  in  IW  are  mostly  talking,  individual  goals  and  organizational  “rice  bowls”  need 
to  be  set  aside  if  any  real  progress  is  to  be  made. 

B.  TYPES  OF  INFORMATION  WARFARE 


Table  1  is  a  sample  of  just  a  few  of  the  many  terms  that  are  used  to  describe  essentially 
the  same  thing  (what  has  just  been  called  “Information  Warfare”  so  far). 


Information  Operations 

Command  &  Control  Warfare 

Information  In  War 

Information-Based  Warfare 

Electronic  Warfare 

Neocortical  Warfare 

Syntactical  Warfare 

Informatika 

Semantic  Warfare 

Cyberwar 

Computational  Mobile  Warfare 

Low-Intensity  Warfare 

Netwar 

Decision  Cycle  Warfare 

Hacker  Warfare 

Cognitive  Warfare 

Fuzzy  Logic  Warfare 

Cybernetic  Warfare 

Cyberspace  War 

Soft  War 

Reflexive  Control 

Epistemological  Warfare 

Computer  Warfare 

Just-In-Time  Warfare 

Table  1.  Various  Terms  Relating  To  Information  Warfare. 


Some  of  these  terms  will  be  explored  in  more  detail  below  while  others  will  never  again  be 
mentioned.  The  idea  is  to  show  the  reader  there  are  many  terms  that  relate  to  the  same  basic 
concept. 

1.  Selected  examples  of  different  views 

The  following  paragraphs  are  a  series  of  quotations  and  paraphrases  that  outline  some  of 
the  many  different  interpretations  of  Information  Warfare  that  exist  today. 
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a.  National  Level  Decision  Makers 

The  importance  of  Information  Warfare  is  realized  at  the  highest  levels  of  the  U.S. 
government.  The  Honorable  Newt  Gingrich,  Speaker  of  the  House,  is  a  renowned  advocate  of 
Information  Warfare.  He  has  made  numerous  public  appearances  on  the  subject  and  even 
introduced  legislation  related  to  it.  His  definition  of  Information  Warfare  is  “the  use  of 
information  to  achieve  your  purposes”.  [Ref  12]  This  a  very  broad  definition  and  could  be 
interpreted  any  number  of  ways.  Therefore,  it  is  not  very  useful,  but  the  point  is  that  top 
government  officials  are  aware  of  IW  and  its  significance. 

Also,  this  definition  shows  the  beginning  of  a  recurring  theme:  the  use  of  the  word 
“information”  in  the  definition.  A  grammatical  rule  of  thumb  states  that  when  defining  a  word, 
one  should  never  use  that  word.  By  doing  so  in  this  case  adds  a  whole  new  level  of  complexity 
to  the  problem.  By  not  defining  information  (which  in  itself  can  be  defined  any  number  of 
ways),  more  questions  are  introduced.  The  difficulty  of  a  useful  definition  grows  quickly. 

b.  Department  of  Defense 

The  Department  of  Defense  is  perhaps  one  of  the  most  important  players  involved 
in  the  Information  Warfare  world.  Yet  there  are  difficulties  in  defining  the  term.  At  the  highest 
levels  in  the  department,  there  exist  no  less  than  two  definitions  for  IW. 

The  Office  of  the  Assistant  Secretary  of  Defense  for  Command,  Control, 
Communications,  and  Intelligence  (OASD  C3I)  defines  Information  Warfare  as  “actions  taken  to 
achieve  information  superiority  in  support  of  national  military  strategy  by  affecting  adversary 
information  systems  while  leveraging  and  protecting  our  information  and  information 
systems”. [Ref  13]  This  definition  offers  more  substance  than  Mr.  Gingrich’s  and  might  be  useful 
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if  the  word  “information”  did  not  appear  in  the  definition  four  times.  Also,  a  new  problem  is 
introduced.  What  is  meant  by  the  terms  “information  superiority”,  “information  systems”,  and 
“leveraging”?  One  can  see  that  such  a  definition  cannot  stand  on  its  own;  rather,  associated 
terms  must  also  be  defined. 

Another  definition  from  the  Department  of  Defense  (DOD)  can  be  found  in  the 
draft  revision  of  DOD  Directive  3600.1 .  Although  this  is  only  a  draft  and  should  not  be  taken  as 
official  policy,  it  can  be  used  to  illustrate  a  point.  The  original  3600.1  was  a  highly  classified 
document  that  could  not  be  seen  by  very  many  people  and  thus  was  not  very  useful.  The  new 
revision  will  be  somewhat  less  classified  and  offers  this  unclassified  definition:  “actions  taken  to 
achieve  information  superiority  by  affecting  adversary  information,  information  systems,  and 
information  processes  while  defending  one’s  own  information,  information  systems,  and 
information-based  processes”.  [Ref.  14]  This  definition  is  only  slightly  different  than  the  previous 
one  and  offers  the  same  kinds  of  problems  (“information”  is  used  seven  times,  “information- 
based  processes”  are  unclear,  etc.).  This  definition  also  tends  to  contradict  the  other  one 
somewhat.  Although  this  definition  comes  from  a  draft  and  should  not  be  taken  as  final,  it  is 
being  circulated  in  official  briefings.  This  only  leads  to  more  confusion  and  could  possibly 
discredit  the  organization  involved  (e.g.,  why  is  this  organization  using  two  conflicting 
definitions  for  the  same  term?). 

The  Army  prefers  to  use  the  term  “Information  Operations”  which  it  defines  as 

continuous  military  operations  within  the  military  information  environment  that 
enable,  enhance,  and  protect  the  commander’s  decision  cycle  and  mission 
execution  to  achieve  an  information  advantage  across  the  full  range  of  military 
operations.  Information  Operations  include  interacting  with  the  global 
information 
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environment  and,  as  required,  exploiting  or  degrading  an  adversary’s  information  and 
decision  systems.[Ref.  15] 

They  then  define  Information  Warfare  using  a  proposed  definition  from  Joint  Publication  1-02 
(DOD  Dictionary  of  Military  and  Associated  Terms).  This  definition  is  very  similar  to  the  DOD 
definitions  above.  In  the  Army’s  view,  IW  is  a  subset  of  Information  Operations  (10)  and  IW  is 
implemented  by  employing  Command  and  Control  Warfare  (C2W).  C2W  is  discussed  in  detail 
later  in  this  chapter. 

The  Navy  has  formally  endorsed  Information  Warfare.  They  define  IW  as 

action  taken  in  support  of  national  security  strategy  to  rapidly  seize  the  initiative 
and  maintain  a  decisive  information  by  attacking  an  adversary’s  information 
infrastructure  through  exploitation,  denial,  and  influence,  while  protecting  friendly 
information  systems.  [Ref  16] 

This  has  often  been  reduced  by  Navy  briefers  to  the  three  major  points  of  Exploit,  Protect,  and 
Attack.  Again,  one  can  see  that  the  word  “information”  appears  three  times  and  other  questions 
are  raised  {e.g.,  what  is  an  “information  infrastructure”?).  Furthermore,  official  Navy  policy 
documents  {e.g,  OPNAVINST  3430)  often  erroneously  equate  IW  to  C2W  by  writing 
“IW/C2W”.  Later  discussion  will  show  that  while  the  two  are  related,  they  are  not  equal. 

The  Air  Force  defines  Information  Warfare  as  “any  action  to  deny,  exploit, 
corrupt,  or  destroy  the  enemy’s  information  and  its  fimctions;  protecting  ourselves  against  those 
actions;  and  exploiting  our  own  military  information  fimctions. ”[Ref  17]  IW  is  further  broken 
down  into  Psychological  Operations,  Electronic  Warfare,  Military  Deception,  Physical 
Destruction,  Security  Measures,  and  Information  Attack.  If  one  were  to  overlook  the  use  of 
“information”  in  the  definition,  this  perhaps  is  a  good  definition.  Yet,  the  Air  Force’s  idea  of  IW 
execution  (in  the  form  of  the  six  principles  listed  above),  contains  all  of  the  pillars  of  C2W 
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(described  later)  and  only  one  “new”  aspect:  Information  Attack.  One  might  thus  imply  the  Air 
Force  views  IW  as  enhanced  C2W. 

To  date,  the  Marine  Corps  has  not  formally  embraced  the  idea  of  Information 
Warfare.  Although  they  realize  the  importance  of  information,  their  perspective  centers  almost 
entirely  on  C2W.  One  could  say  that  the  Marine  Corps  is  wisely  biding  their  time  until  everyone 
else  figures  out  what  IW  is  and  how  the  military  can  use  it. 
c.  Academic  Experts 

As  might  be  expected  in  any  new  innovation  in  warfare,  the  military’s  academic 
support  community  has  been  involved  in  the  Information  Warfare  definition  debate.  Most 
notably,  the  National  Defense  University  (NDU)’s  staff  has  published  several  different  views  on 
IW.  Perhaps  the  most  concise  document  is  their  dictionary  of  IW-related  terms.  Although  this  is 
a  very  comprehensive  manuscript,  it  clearly  (although  not  directly)  states  the  problem.  It 
contains  four  different  definitions  for  Information-Based  Warfare  (the  preferred  NDU  term)  and 
two  definitions  of  Information  Warfare.  [Ref.  18] 

Martin  Libicki  of  NDU  fully  realizes  the  problem.  He  refers  to  the  various 
attempts  to  define  Information  Warfare  by  using  the  analogy  of  the  blind  men  and  the  elephant. 
The  blind  men  are  all  around  the  elephant,  trying  to  figure  what  it  is.  Each  can  only  touch  a 
certain  part  so  each  offers  a  different  definition  on  what  the  creature  is.  Such  is  the  case  in  the 
IW  definition  fiasco;  the  various  players  have  blinded  themselves  and  are  only  seeing  a  small  part 
of  a  larger  beast.  Mr.  Libicki’s  argument  is  not  unique;  many  people  have  used  the  same  analogy 
because  it  so  aptly  describes  the  severity  of  the  problem  in  defining  Information  Warfare.  Mr 
Libicki  thus,  perhaps  wisely,  never  tries  to  define  IW.  Instead,  he  offers  seven  different 
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components  that  comprise  it.  [Ref.  19]  These  views,  along  with  their  various  sub-components, 
are  shown  below  in  Table  2. 


COMPONENT 

SUB-COMPONENT 

COMPONENT 

SUB-COMPONENT 

C2W 

Anti-head 

Psychological 

Anti-will 

Anti-neck 

Warfare 

Anti-troop 

Intelligence-Based 

Offensive 

Anti-commander 

Warfare 

Defensive 

Kulturkampf 

Electronic  Warfare 

Anti-radar 

Cyberwarfare 

Info-terrorism 

(EW) 

Anti-comms 

Semantic 

Cryptography 

Simula-warfare 

Economic  IW 

Econ.  Blockade 

Gibson-warfare 

Techno-Imperialism 

Hacker  Warfare 

None 

Table  2.  Martin  Libicki’s  View  of  Information  Warfare.  [After  Ref.  19] 

A  detailed  explanation  of  each  of  the  terms  in  Table  2  is  not  necessary  in  the 


context  of  this  discussion.  Some  of  them  will  be  looked  at  in  further  detail  in  later  chapters.  For 
more  information  or  further  clarification,  the  reader  should  refer  to  Martin  Libicki’s  book.  What 
Is  Information  Warfare?  The  main  point  here  is  that  IW  covers  a  lot  of  different  things,  some  of 
which  fall  under  traditional  military  missions  (C2W,  EW,  etc.)  while  others  are  new  (e.g,,  Hacker 
Warfare). 

d.  The  Experts 

No  discussion  of  Information  Warfare  definitions  and  perspectives  would  be 
complete  without  offering  some  insight  from  the  “experts”  in  the  field  of  IW.  These  renowned 
thinkers  were  among  the  pioneers  that  brought  to  light  the  importance  of  Information  Warfare. 
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Of  course,  the  examples  presented  here  are  but  a  small  part  of  the  many  “expert”  viewpoints  that 
exist. 

John  Arquilla  and  Dave  Ronfeldt  offer  yet  another  view  of  Information  Warfare  in 
a  1993  RAND  report.  They  espouse  the  terms  “Cyberwar”  and  “Netwar”  in  lieu  of  Information 
Warfare.  Cyberwar  is  the  broad  term  that  “refers  to  conducting  military  operations  according  to 
information-related  principles.”[Ref  20]  It  builds  upon  traditional  warfare  missions  and  brings 
them  into  a  new  focus  that  is  primarily  technology-based.  Netwar  is  basically  the  same  kind  of 
things  but  focused  at  the  strategic  level  between  nations  (whereas  Cyberwar  is  more  operational 
and  tactical  in  nature).  These  two  terms  offer  a  good  starting  point  for  definitions,  but  they  are 
too  broad  to  be  of  much  effective  use  in  coming  to  grips  with  a  concise  definition. 

Winn  Schwartau  has  often  been  credited  with  raising  public  awareness  about  the 
importance  of  Information  Warfare  in  his  book  Information  Warfare:  Chaos  On  The  Electronic 
Superhighway.  While  some  of  his  statements  of  fact  are  in  reality  just  science  fiction  (for  the 
moment  at  least),  he  has  some  good  ideas  to  offer.  His  definition  of  IW  is  “an  electronic  conflict 
in  which  information  is  a  strategic  asset  worthy  of  conquest  or  destruction.”  [Ref.  21]  The 
strength  of  this  definition  is  the  realization  that  information  is  a  “strategic  asset.” 

Retired  Air  Force  Colonel  A1  Campen  offers  a  very  good,  but  not  perfect, 
definition  of  Information  Warfare: 

A  political,  economic,  or  war  strategy,  to  achieve  a  competitive  advantage 
by  attacking  adversary  information  systems,  while  protecting  your  own. 

The  goal  is  to  achieve  a  knowledge  differential  by  limiting  the  quality  and 
quantity  of  information  available  to  a  competitor. 

[Ref  22] 

This  definition,  while  using  the  terms  “information”  and  “knowledge”,  shows  that  IW  includes 
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more  than  just  purely  militaiy  aspects  (much  as  Martin  Libicki’s  view  did  earlier  in  this  chapter). 

George  Stein  of  the  Air  University  builds  on  the  ideas  of  others  and  offers  his 
insight  into  how  those  ideas  might  be  employed  effectively.  While  he  realizes  Information 
Warfare  spans  a  wide  variety  of  fields,  he  also  offers  that  IW  also  occurs  at  each  of  the  traditional 
warfare  levels:  Strategic,  Operational,  and  Tactical. [Ref.  23]  Although  this  idea  was  alluded  to  in 
the  Arquilla/Ronfeldt  discussion  earlier,  further  clarification  of  this  important  concept  is 
necessary  because  it  adds  a  whole  layer  of  complexity  to  the  definition  problem.  Not  only  does 
Information  Warfare  occur  horizontally  across  a  wide  range  of  fields,  it  also  occurs  vertically  at 
varying  degrees  of  intensity  and  focus. 

e.  Miscellaneous  Entities 

Even  “amateur”  thinkers  have  something  useful  to  offer  to  the  discussion  of 
definitions.  Often  not  driven  by  organizational  politics,  they  can  more  easily  offer  insight 
without  getting  too  involved  in  syntax  or  political  correctness.  Three  such  views  are  offered  here 
as  an  example  of  “freer”  thinking. 

The  United  States  is  not  the  only  country  that  is  thinking  about  Information 
Warfare  (this  idea  will  be  revisited  in  later  chapters).  In  fact,  even  Canada  has  realized  the  power 
of  this  emerging  discipline.  An  officer  in  the  Canadian  Navy,  Lieutenant  Garigue,  offers  his  own 
views  of  IW:  “[IW]  consists  of  all  efforts  to  control,  exploit,  or  deny  an  adversary’s  capability  to 
collect,  process,  store,  display,  and  distribute  information,  while  at  the  same  time  preventing  the 
enemy  from  doing  the  same.”[Ref  24]  Although  the  word  “information”  is  used  in  the  definition, 
this  is  still  a  good  definition  in  that  it  tells  how  the  information  is  to  be  manipulated  (collect, 
process,  store,  etc.). 
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Two  other  opinions  on  Information  Warfare  can  be  foxmd  in  two  papers  on  the 
Internet  homepage  of  the  unobtrusive  Institute  for  the  Advanced  Study  of  Information  Warfare 
(lASIW).  One  uses  the  proposed  DODDIR  3600.1  definition  (shown  above  in  the  discussion  of 
DOD)  but  breaks  IW  into  three  “practical”  areas:  Personal  IW,  Corporate  IW,  and  Global 
IW.[Ref.  25]  This  broad  perspective  again  shows  not  only  the  breadth  that  IW  encompasses  but 
also  demonstrates  that  IW  need  not  be  limited  to  the  military  or  political  realm;  in  fact,  IW  can  be 
found  in  the  business  world  as  well  (which  has  been  alluded  to  previously  but  never  specifically 
stated).  The  second  lASIW  paper  uses  more  basic  terminology  by  saying  “Information  Warfare 
is  a  war  in  which  the  weapons  of  warfare  are  not  guns  and  bombs  and  bullets  that  visibly  destroy 
flesh,  blood,  and  bone,  but  [rather  use]  electronic  and  electromagnetic  weapons...”  [Ref.  26] 
Although  this  simplistic  definition  leaves  out  a  lot,  it’s  value  is  that  it  is  written  such  that  almost 
anyone  can  imderstand  it. 

2.  Information  Warfare  versus  Command  and  Control  Warfare 

The  relationship  of  Information  Warfare  and  Command  and  Control  Warfare  has  been 
seen  in  the  majority  of  the  cases  examined.  C2W  was  a  mission  of  the  military  before  IW 
became  a  “hot”  topic.  The  Joint  Chiefs  of  Staff  Memorandiun  of  Policy  Number  30  (MOP  30) 
defines  five  pillars  that  comprise  C2W:  Electronic  Warfare  (EW),  Operational  Deception 
(OPDEC),  Operational  Security  (OPSEC),  Psychological  Operations  (PSYOPS),  and  Physical 
Destruction.  [Ref.  27]  One  can  easily  see  that  most  of  the  definitions  examined  in  this  chapter 
include  one  or  more  of  these  tenets.  However,  there  are  many  things  in  the  various  definitions 
above  that  do  not  fall  under  any  of  these  five  pillars.  Conversely,  not  all  five  pillars  can  be 
applied  to  IW  in  all  cases.  Consequently,  IW  and  C2W  are  closely  related,  but  they  are  not 
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equivalent.  The  best  way  to  look  at  C2W  is  as  a  sub-component  of  IW.  This  sub-component 
does  not  necessarily  fully  overlap  the  IW  domain  (e.g.,  not  all  Physical  Destruction  in  the  C2W 
realm  is  IW)  and  is  one  in  which  the  military  is  ideally  suited  to  execute. 

C.  A  CONSOLIDATED  VIEW 

So  what  is  Information  Warfare?  The  answer  is  simply  that  it  can  be  anything  and 
everything,  depending  on  how  one  defines  it.  Of  course,  that  is  not  a  very  useful  definition.  At 
the  same  time,  one  must  also  realize  that  there  is  no  realistic  way  to  achieve  the  “perfect” 
definition. 


1.  Coming  To  Grips  With  A  Definition 

Still,  any  discussion  of  defining  IW  should  avoid  certain  common  pitfalls  which  have 
been  seen  in  the  various  definitions.  A  partial  list  of  things  to  avoid  include: 

•  No  definition  of  Information  Warfare  should  include  the  word  “information”  in  it, 
unless  accompanied  by  an  explanation  of  what  information  is  in  the  context  of  the 
definition. 

•  Any  additional  terms  that  are  used  in  the  definition  (e.g.,  information-based 
processes)  should  be  defined  or  explained  immediately. 

•  Definitions  should  be  written  in  a  language  understandable  to  the  intended 
audience. 

•  Definitions  should  not  be  too  broad  as  to  encompass  everything  or  too  narrow  as 
to  leave  out  critical  points. 

•  Definitions  should  closely  match  other  organizations’  definitions  as  much  as 
possible. 

Paying  attention  to  these  shortcomings  and  avoiding  them  will  enhance  any  IW  definition. 
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Also,  any  discussion  of  IW  should  also  include  certain  realities  which  are  common  to 
most  definitions,  as  shown  below: 

•  No  one  definition  can  stand  alone;  it  must  be  accompanied  by  amplifying 
information. 

•  Information  Warfare  is  not  the  same  thing  as  Command  and  Control  Warfare. 
Rather,  C2W  is  a  critical  sub-component  of  IW. 

•  Information  Warfare  encompasses  a  wide  range  of  disciplines.  It  involves  more 
than  just  the  military.  In  fact,  government,  business,  industry,  politics,  economics, 
and  education  are  some  of  the  other  players  involved  with  or  that  have  a  stake  in 
IW. 

•  Information  Warfare  is  found  in  varying  degrees  of  intensity,  at  varying  levels  of 
conflict,  from  peace  to  war  and  from  the  strategic  level  to  the  tactical  level. 

Of  course,  these  lists  are  not  meant  to  be  all-inclusive,  but  instead  are  meant  to  serve  as 

reminders  to  some  of  the  problems  facing  those  attempting  to  define  Information  Warfare. 

Considering  all  of  the  problems  that  exist  with  trying  to  define  Information  Warfare,  a 
reasonable  person  might  ask:  is  it  possible  to  define  IW  in  terms  that  are  useful,  understandable, 
and  amenable  to  a  common  syntax?  The  realistic  answer  is:  probably  not.  Then  the  next 
question  should  be:  does  one  need  a  common,  clear,  and  concise  definition?  As  mentioned  in  the 
opening  paragraphs  of  this  chapter,  the  answer  to  that  question  is:  yes,  without  a  doubt.  Well, 
then  what  is  to  be  done?  If  one  cannot  use  words,  what  can  one  use? 

Perhaps  pictures  can  be  used.  Pictures  reduce  the  number  of  words  required  to  define  a 
problem;  this  increases  the  chance  for  agreement  amongst  the  various  factions.  Also,  pictures 
can  more  easily  depict  a  complex  multi-layered ,  multi-faceted  problem,  such  as  IW.  Finally, 
pictures  can  be  tailored  to  the  audience  at  hand;  the  level  of  complexity  and  detail  can  vary  with 
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the  user  of  the  picture.  Of  course,  care  must  be  taken  to  ensure  that  a  fairly  uniform 
interpretation  is  created  by  using  a  standard  guide.  These  steps  can  provide  a  powerful  definition 
tool  that  is  flexible  and  diverse. 

2,  A  Possible  Answer:  Paradigm  F 

While  accepting  the  fact  that  no  one  picture  or  series  of  pictures  can  totally  represent 
Information  Warfare,  some  are  better  than  others.  One  of  the  better  series  of  diagrams  is  called 
Paradigm  F.  Paradigm  F  is  a  concept  espoused  by  Dr.  Fred  Giessler  of  the  National  Defense 
University.  Paradigm  F  consists  of  five  figures  (Figures  1  through  5)  that  are  contained  on  the 
following  pages.  [Ref.  28]  A  tailored  view  of  Paradigm  F,  coupled  with  the  author’s  own 
interpretation,  is  the  main  definition  of  Information  Warfare  that  will  be  used  throughout  this 
thesis.  Not  all  parts  of  the  figures  will  be  discussed  at  this  time.  Some  will  be  detailed  in 
subsequent  chapters  while  others  will  not  be  used  at  all. 

Figure  1  represents  the  basic  view  of  Paradigm  F.  Figure  2  is  the  same  diagram  with 
amplifying  details  and  examples.  This  “onion  skin”  diagram  shows  the  layers  that  define  the 
United  States.  At  the  most  fundamental  level  (the  outermost  layer)  is  the  covmtry’s  national 
purpose.  Here  one  finds  the  ideals  upon  which  the  country  is  built,  such  as  peace  and  freedom, 
and  outlined  in  documents  such  as  the  Constitution  and  the  Bill  of  Rights.  These  ideals  form  the 
basis  for  the  next  layer  which  is  national  interests.  This  layer  contains  our  national  objectives 
and  marks  the  beginning  of  our  government,  starting  with  the  President.  From  these  national 
interests  come  the  next  layer  which  is  the  national  grand  strategy.  Here  the  bureaucracy  of  the 
government  enters  the  picture  with  such  entities  as  Congress. 
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As  the  layers  continue  inward,  they  build  on  the  preceding  outer  layers.  Also,  the 
migration  inward  brings  with  it  more  details.  This  can  best  be  seen  in  the  center  of  the  left-hand 
side.  This  shows  the  division  of  the  strategic,  operational,  and  tactical  levels  of  war.  Each  layer 
shows  examples  of  the  organizations  involved  (e.g.,  the  Joint  Chiefs  of  Staff  are  found  in  the 
national  military  strategy  layer)  as  well  as  traits  of  that  layer  (e.g.,  the  national  grand  strategy 
layer  is  characterized  by  the  subdivisions  economical,  political,  cultural,  etc.).  At  first  glance, 
this  may  appear  quite  impossible  to  understand,  but  after  a  few  minutes  of  studying  it,  it  becomes 
almost  intuitive. 

The  thick  black  line  on  the  right-hand  side  shows  the  Information  Warfare  domain.  One 
should  note  that  this  domain  cuts  across  all  facets  of  the  paradigm,  albeit  with  varying  degrees  of 
influence.  The  influence  is  most  heavy  near  the  center  and  extends  outward  to  midway  through 
the  operational  level  of  war.  Then  begins  a  gradual  taper  to  almost  no  influence  at  the  outer,  edge 
of  the  strategic  level.  At  the  heart  of  the  paradigm  is  C2W.  This  represents  the  lowest  level  of 
execution  of  the  outermost  layer.  One  might  say  that  the  move  inward  along  the  diagram  brings 
with  it  a  decreasing  level  of  theory  and  an  increasing  level  of  tangibility. 

While  these  first  two  diagrams  help  one  to  understand  where  Information  Warfare  fits 
into  the  larger  picture,  they  do  not  explain  what  Information  Warfare  is.  To  facilitate  this 
explanation,  one  needs  Figures  3  through  5.  Each  of  the  figures  is  entitled  “Paradigm  F.l"  and  is 
dedicated  to  the  Information  Warfare  domain.  The  x-axis  of  each  of  the  three  diagrams  shows 
the  spectrum  of  conflict,  from  peace  to  war  and  back  to  peace.  Underneath  that  is  depicted  the 
national  security  environment  continuum  and  shows  where  each  of  the  Combatant  Commanders 
(CINCs)  and  Joint  Force  Commander  (JFCs)  are  involved  (one  should  notice  that  the  CINC  is 
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National  Purpose 


Constitution  Bill  of  Rif;jlL 


Figure  2.  Paradigm  F  (2  of  2). [From  Ref  28] 
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involved  almost  throughout).  The  y-axis  of  each  diagram  shows  the  non-linear  quantity  of  effort 
required  for  the  elements  of  the  curves. 

Each  of  the  three  figures  has  two  curves  (they  are  the  same  on  all  three);  the  upper  curve 
represents  Information  Warfare  while  the  lower  curve  shows  C2W.  Figure  3  provides  details  for 
C2W.  The  various  elements  that  comprise  C2W  are  listed  imder  the  curve.  The  arrows  represent 
the  range  of  the  national  security  environment  where  those  elements  apply.  The  height  of  those 
arrows  are  the  amount  of  effort  required  to  execute  those  elements.  Notice  such  things  as 
Command,  Control,  Communications,  Computers,  and  Intelligence  (C4I)  require  very  little 
relative  effort  and  span  the  entire  continuum  while  C2  Destruct  occurs  only  around  war  and 
requires  a  lot  of  effort.  Definitions  for  each  of  the  elements  on  the  diagrams  are  not  important  for 
the  context  of  this  chapter.  Some  of  the  elements  will  be  revisited  in  greater  detail  in  later 
chapters. 

Figure  4  displays  the  details  of  the  Information  Warfare  curve.  The  smaller  text  on  the 
right-hand  side  shows  the  different  focus  areas  of  Information  Warfare:  military,  energy, 
leadership,  religion,  society,  governance,  and  political  power.  More  importantly  (for  later 
chapters),  this  small  text  also  lists  some  of  the  major  centers  of  gravity  (education,  banking, 
media,  transportation,  telecommunications,  customs,  etc.).  The  larger  text  on  the  left-hand  side 
shows  a  list  of  some  of  the  more  specific  ways  that  IW  can  be  implemented  (e.g.,  manage 
perceptions,  sever-degrade  C2/C3/C4I,  etc.).  This  list  is,  of  course,  not  all-inclusive.  The  height 
of  the  text  again  shows  the  relative  amount  of  effort  required  to  accomplish  that  task.  Finally, 
Figure  5  is  merely  a  combination  of  Figures  3  and  4.  It  shows  both  the  Information  Warfare 
curve  and  the  C2W  curve.  Together,  they  represent  the  IW  domain  shown  on  Figures  1  and  2. 
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Paradigm  F.  1 


Paradigm  F.  1 


Figure  5.  Paradigm  F.l  (3  of  3). [From  Ref.  28] 
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Paradigm  F  (which  includes  Paradigm  F.l  for  the  purposes  of  this  discussion)  is  a 
clarifying  tool.  In  basically  two  (but  expanded  to  five  for  ease  of  explanation)  diagrams,  one  can 
simply  and  effectively  explain  what  Information  Warfare  is.  The  whole  range  of  sub- 
eomponents,  from  military  to  politics  is  addressed.  The  whole  spectrum  of  conflict  is  viewed. 
Some  specific  uses  of  both  Information  Warfare  and  its  child,  C2W,  are  stated.  Even  the  place  of 
Information  Warfare  in  everything  that  comprises  the  United  States  is  seen.  Paradigm  F  is  a 
powerful  way  to  clearly  and  concisely  explain  to  virtually  anyone  what  the  definition  of 
Information  Warfare  is. 

D.  THE  BOTTOM  LINE 

This  chapter  has  been  a  brief  overview  of  some  of  the  many  perspectives  of  Information 
Warfare.  Some  might  argue  that  these  points  have  been  anything  but  brief,  but  if  one  truly 
understands  Paradigm  F,  then  one  can  truly  appreciate  the  enormousness  of  this  “beast”  and  see 
that  this  chapter  has  only  touched  the  surface.  While  many  different  definitions  exist  for 
Information  Warfare  (as  well  as  many  different  words  for  Information  Warfare),  no  one 
definition  can  folly  capture  the  entire  view.  If  one  accepts  that  a  common  definition  is  necessary 
to  facilitate  the  execution  of  IW,  then  one  can  see  the  need  to  be  as  close  to  all-encompassing  as 
possible.  However,  such  a  definition  would  need  to  avoid  some  of  the  common  pitfalls  outlined 
earlier  as  well  as  remember  certain  key  features.  Perhaps  the  most  efficient  way  to  accomplish 
all  of  these  objectives  is  by  using  powerful  pictures,  such  as  presented  by  Paradigm  F. 
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III.  INFORMATION  WARFARE  ORGANIZATIONS 


A.  INFORMATION  WARFARE  PLAYERS 

After  settling  on  Paradigm  F  as  a  definition  for  Information  Warfare,  the  next  logical  step 
is  to  further  clarify  the  entities  that  exist  in  the  Information  Warfare  Domain.  As  described  in  the 
previous  chapter,  the  Information  Warfare  Domain  extends  to  all  comers  and  at  all  levels  of 
everything  that  is  the  United  States.  This  fact  would  imply  that  almost  everyone  is  a  player  on 
the  field  of  Information  Warfare.  In  reality,  not  everyone  is  (but  almost  everyone).  However, 
more  and  more  people  and  organizations  are  embracing  the  Third  Wave  as  reality  and  developing 
Information  Warfare  strategies  as  a  result.  One  could  argue  that  there  is  not  much  utility  in 
defining  an  organizational  stmcture  where  almost  anyone  and  everyone  is  a  player.  On  the 
contrary,  with  such  a  crowded  field,  the  need  is  even  greater  for  clarification. 

Table  3  on  the  following  page  shows  a  possible  breakdown  of  these  players.  The  leftmost 
column  shows  four  major  categories.  The  middle  column  breaks  down  each  of  these  into  smaller 
subcategories.  The  final  column  shows  examples  of  specific  organizations  or  groups  of 
organizations  that  have  a  vested  interest  in  Information  Warfare.  The  paragraphs  below  expound 
on  some  of  these  categories,  subcategories,  and  examples.  A  detailed  discussion  of  each  element 
in  the  table  is  not  necessary  in  the  context  of  this  thesis.  As  a  result,  some  areas  will  get  heavy 
emphasis  (e.g..  Department  of  Defense)  while  others  will  only  be  briefly  reviewed  (e.g.,  State 
and  Local  Governments).  One  should  note  that  the  Federal  Government  and  National  are  two 
separate  entries  in  the  table.  This  is  done  because  the  Federal  Government  is  the  major  player 
within  the  National  domain  and  deserves  its  own  category. 
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MAJOR  CATEGORY 

SUBCATEGORY 

EXAMPLES 

International 

e.g.,  Canada 

e.g.  Dept,  of  National  Defence 

National 

Public 

Academia 

Public  Interest  Groups 

Media 

Private 

Industries 

Associations/Alliances 

Subversive  Elements 

Federal  Government 

Executive  Branch 

Dept.  Of  Defense 

Other  Departments 

Interagency  Groups 

Advisory  Committees 

Independent  Establishments 

e.g,  CIA,  FCC,  FEMA,  etc. 

Legislative/Judicial 

e.g.  Senate,  House  of 

Representatives,  etc. 

State  &  Local  Governments 

e.g,  Texas 

e.g..  Dept.  Of  Transportation 

Table  3.  Information  Warfare  Players.  [A1 

ElerRef  29] 

One  obvious  missing  piece  from  this  table  is  the  individual  citizen.  Although  the  average 
person  definitely  has  a  high  interest  in  IW  (e.g.,  it  is  the  individual’s  money  that  will  be  stolen 
when  a  hacker  breaks  into  a  bank’s  computers),  this  thesis  is  primarily  concerned  with 
organizations  and  collective  entities.  Although  the  role  of  the  citizen  is  recognized,  a  detailed 
analysis  of  that  role  is  neither  relevant  nor  feasible  in  the  context  of  this  thesis,  and  thus  is  only 
mentioned  briefly. 
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1. 


International  Level 


As  alluded  to  in  the  previous  chapter,  Information  Warfare  is  not  limited  to  the  United 
States.  Although  the  U.S.  has  most  of  the  technology  and  knowledge  that  is  conducive  to 
Information  Warfare,  many  other  countries  and  international  organizations  are  involved.  Some 
are  interested  in  purely  the  defensive  side  of  IW,  some  are  interested  in  an  offensive  aspect 
against  the  U.S.  (as  well  as  other  countries),  and  some  are  interested  in  both.  Not  much  specific 
information  is  easily  available  concerning  these  endeavors.  However,  some  common  trends  in 
the  world  can  be  collated  to  form  a  generic  picture  of  a  viable  IW  player.  This  portrait  can  then 
be  used  to  create  strategies  that  are  defensive  or  offensive  in  nature.  The  latter  facet  is  the  crux 
of  this  thesis. 

2.  National  Level 

As  outlined  in  Paradigm  F,  the  United  States  is  a  major  player  in  the  Information  Warfare 
game.  Almost  all  comers  of  society  are  impacted,  from  the  public  to  the  private.  Each  area  is 
involved  to  varying  degrees.  Note  that  this  definition  of  National  Level  excludes  the  federal 
government  (which  is  a  category  of  its  own  in  Table  3). 
a.  Public 

The  three  major  players  in  the  Public  subcategory  are  Academia,  Public  Interest 
Groups  (PIGs),  and  the  Media.  As  seen  in  the  previous  chapter,  the  academic  community  has 
been  heavily  involved  with  defining  the  problem.  The  media  has  an  obvious  role  as  one  of  the 
prime  distributors  of  information  at  large.  As  with  almost  any  democratic  society,  PIGs  also  are 
interested  in  Information  Warfare;  however,  their  role  is  not  vital  to  this  study  and  will  thus  be 
ignored. 
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(1)  Academia.  While  contributing  to  the  debate  oflW  definitions  and 
terminology,  the  academic  community  is  also  promoting  education  in  the  field.  Almost  every 
one  of  the  academics  listed  in  Chapter  II  have  at  least  one  major  publication  to  their  name.  Some 
are  employed  on  faculties  and  some  are  writers  for  various  periodicals  (or  both).  Several  civilian 
schools  and  universities  (e.g.,  George  Mason  University)  have  created  courses  or  concentrations 
of  study  related  to  Information  Warfare.  More  and  more  public  and  private  corporations, 
organizations,  and  bureaucracies  are  including  IW  material  in  their  education  and  training 
programs. 

The  Department  of  Defense  has  established  formal  courses  of  study  at  all 
levels  of  formal  education  and  everyday  training.  Although  the  efforts  are  diverse  across  the 
board,  more  emphasis  on  standardization  (brought  about  in  part  by  increased  dissemination  of 
knowledge)  is  the  current  trend.  As  an  example,  the  National  Defense  University  has  created  an 
entire  school  (the  School  of  Information  Warfare  and  Strategy)  dedicated  to  the  study  of  this 
discipline.  Another  example  is  the  Naval  Postgraduate  School  which  has  restructured  an  entire 
curriculum  and  focused  it  on  Information  Warfare.  The  increasing  importance  of  IW  will  lead  to 
even  more  formal  programs  being  established. 

(2)  Media.  The  role  of  the  media,  as  a  prime  provider  of  information, 
cannot  be  ignored.  As  one  example.  Chuck  De  Caro,  former  Cable  News  Network  (CNN) 
correspondent  and  current  president  of  Aerobureau  Corporation^,  preaches  what  he  call  “Soft 
War”.  Since  television  has  proliferated  itself  to  almost  all  parts  of  the  world  (“global 

^  Aerobureau  Corporation  is  the  company  that  developed  the  fully  integrated 
airborne  journalistic  platform.  It  contains  everything  a  team  of  journalists  needs  to  do 
their  job,  and  it  is  highly  versatile  (e.g,  it  can  land  on  almost  the  smallest  of  runways). 
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television”),  the  media  can  be  used  as  a  weapon.  By  effective  manipulation  of  “B-Rolls”  (video 
clips),  a  country’s  perception  of  reality  can  be  skewed.[Ref  30]  These  ideas  will  be  revisited  in 
later  chapters.  Thus,  the  media  is  definitely  involved  in  IW,  willingly  or  not. 
b.  Private 

(1)  Industry.  Industry  and  the  business  world  are  also  Information 
Warfare  players.  The  most  obvious  role  is  a  defensive  one  in  which  a  corporation  desires  to 
safeguard  its  electronically  stored  information.  As  more  and  more  business  is  being  conducted 
over  electronic  media,  the  need  is  growing  to  protect  that  information  from  manipulation  or 
destruction.  As  a  result,  many  companies  have  created  information  security  organizations.  Some 
of  the  companies  with  formal  IW-related  groups  include:  American  Bankers  Association,  AT&T, 
Citibank  Corporation,  Intel  Corporation,  Motorola,  Inc.,  Silicon  Graphics,  Inc.,  and  Sony.[Ref 
29]  Note  that  this  list  is  not  all-inclusive,  but  rather  provides  a  sampling  of  the  variety  of 
corporations  that  are  involved  in  IW. 

(2)  Subversive  Elements.  One  obvious  group  of  people  that  caimot  be 
ignored  on  the  IW  playing  field  are  the  subversive  elements.  They  range  anywhere  from  the 
teenage  amateur  hacker  and  the  disgruntled  employee  to  the  sophisticated  newsgroup  clique  and 
the  highly  organized  terrorist  cell.  These  people  or  groups  of  people  can  cause  serious  damage 
from  an  IW  viewpoint  and  must  be  considered  as  part  of  the  total  IW  picture. 

The  traditional  view  of  a  hacker^  has  changed  from  the  Wargames 
paradigm  of  a  lone,  exploring  kid  to  the  much  more  dangerous  professional.  These  latter 

®  A  hacker  can  be  defined  as  “a  computer  user  who  attempts  to  gain  unauthorized 
access  to  proprietary  computer  systems”.  [Ref  31] 
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individuals  and  groups  have  turned  a  typically  solo  venture  into  a  small  (but  growing)  business 
enterprise.  Today,  hackers  are  not  driven  by  such  things  as  revenge,  as  they  were  in  the  past,  but 
rather  by  things  such  as  possible  financial  or  political  gain.  That  changing  mentality,  coupled 
with  the  availability  of  hacker  knowledge  {e.g.,  easily  accessible  newsgroups  such  as  alt.2600 
provide  tips  for  hackers  as  well  as  programming  code  segments),  has  led  to  a  far  more  dangerous 
threat  than  the  individual  bent  on  proving  a  point. 

As  more  and  more  government  and  commercial  computer  systems  are 
being  penetrated  and  exploited  by  subversive  elements,  changes  are  ongoing  to  counter  these 
endeavors.  Thus,  one  can  easily  see  that  these  subversive  elements  are  a  vital  piece  of  the  IW 
puzzle. 

3.  Federal  Government 

Naturally,  the  U.S.  government  is  interested  in  Information  Warfare.  Paradigm  F  shows 
the  range  of  government  interests.  Chapter  II  offered  IW  definitions  mostly  from  government 
sources.  Yet,  the  government  has  not  settled  on  a  consolidated  view  or  strategy  for  Information 
Warfare.  Instead,  each  group  within  the  government  has  its  own  IW  organizations  with  very 
little  cooperation  and  sharing  amongst  the  factions  (although  some  improvements  in  this  area 
have  begun). 

a.  Executive  Branch 

The  highest  levels  of  government  have  embraced  Third  Wave  principles  and  taken 
steps  in  developing  Third  Wave  thinking  and  products.  As  an  example.  Vice  President  A1  Gore 
is  implementing  the  concept  of  a  totally  networked  United  States  built  upon  the  National 
Information  Infrastructure  (Nil).  The  Nil  is  discussed  in  the  next  chapter.  A  large  number  of 
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organizations  within  the  Executive  Branch  of  the  government  have  formal  groups  dedicated  at 
least  in  part  to  the  Information  Warfare  mission.  A  sampling  is  shown  in  Table  4  below. 


CATEGORY 

SUBCATEGORY 

EXAMPLES 

Advisory  &  Policy  Groups 

National  Security  Coimcil 

NatT  Information 

(NSC) 

Infrastructure  Task  Force 

National  Economic  Coimcil 

N/A 

NatT  Sec.  Telecomm. 

N/A 

Advisory  Committee 

Office  of  Science  and 

N/A 

Technology  Policy 

Departments 

Commerce 

NatT  Institute  of  Standards 

and  Technology 

Defense 

USA,  USN,  NSA,  DISA,  etc. 

Energy 

Sandia  Labs,  etc. 

Justice 

FBI,  Computer  Crime  Unit 

State 

Bureau  of  Diplomatic  Sec. 

Transportation 

Coast  Guard 

Treasury 

IRS,  Secret  Service 

Table  4.  Executive  Branch  Information  Warfare  Players.  [After  Ref  29] 
b.  Department  of  Defense 

The  Department  of  Defense  (DOD),  charged  with  protecting  the  United  States 


from  foreign  hostile  threats,  has  a  large  (and  sometimes  controversial)  role  to  play  in  Information 
Warfare.  In  fact,  the  majority  of  organizations  within  DOD  have  at  least  a  minor  role  to  play  in 
IW.  Some  of  the  major  players  include:  the  Office  of  the  Secretary,  the  Armed  Services  (Joint 
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Chiefs  of  Staff,  Army,  Navy/Marine  Corps,  and  Air  Force),  and  other  groups  (NSA,  DISA,  DIA, 
etc.).  The  following  paragraphs  provide  some  details  about  some  of  these  specific  entities.  The 
scope  of  this  thesis  precludes  a  detailed  discussion  of  each  organization  or  even  a  brief 
discussion  of  all  organizations.  As  a  result,  only  some  of  the  major  actors  are  included. 

(1)  Office  of  the  Secretary.  The  major  players  in  the  Office  of  the 
Secretary  of  Defense  are:  the  Assistant  Secretary  of  Defense  for  Command,  Control, 
Communications,  and  Intelligence  (ASD  C3I),  the  Information  Warfare  Executive  Board 
(IWEB),  the  Office  of  Net  Assessment  (OSD  NA),  and  the  Infrastructure  Policy  Directorate  in 
the  Office  of  the  Under  Secretary  of  Defense  for  Policy  (USDP IPD).  The  ASD  C3I  is  the 
principal  advisor  to  the  Secretary  of  Defense  (SECDEF)  for  Information  Warfare  issues.  He  is 
charged  with  overall  direction  of  IW  issues  within  DOD.  The  IWEB  is  chaired  by  the  Deputy 
Secretary  of  Defense  (DEPSECDEF)  and  its  membership  includes:  the  ASD  C3I,  the  USDP,  the 
Vice  Chairman  of  the  Joint  Chiefs  of  Staff  (V CJCS),  the  Deputy  Director  of  Central  Intelligence 
(DDCI),  the  directors  of  the  National  Security  Agency  (NSA)  and  the  Defense  Information 
Systems  Agency  (DISA),  the  DOD  Comptroller,  a  representative  from  the  NSC,  and  the  DOD 
General  Counsel.  This  interagency  and  interservice  committee  manages  IW  policy,  planning, 
and  legal  concerns.  OSD  NA  performs  IW  analysis  for  SECDEF.  The  USDP  IPD  deals  mainly 
with  the  creation,  protection,  and  maintenance  of  the  national  infrastructure  (Defensive  IW).  Of 
course,  each  of  the  organizations  discussed  in  this  paragraph  have  their  own  supporting  staffs  that 
coordinate  with  other  organizations,  both  inside  and  outside  of  DOD.  [Ref.  29] 

(2)  Joint  Chiefs  of  Staff.  The  Joint  Chiefs  of  Staff  (JCS)  are  responsible 
for  coordinating  all  military  Information  Warfare  endeavors.  There  are  two  major  subdivisions 
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within  the  JCS:  J6K  and  J38.  J6K  is  the  Information  Warfare  Division  and  deals  with  Defensive 


IW.  J38  is  the  Information  Warfare/  Special  Technical  Operations  Division  (IW  STOD)  and 
works  in  the  Offensive  IW  realm.  A  third  arm  of  JCS  IW  efforts  could  be  the  education  and 
training  provided  by  the  National  Defense  University  (NDU).  [Ref  29]  The  specifics  of  NDU’s 
efforts  have  been  discussed  in  the  section  on  academia. 

Also  closely  tied  to  the  JCS  is  the  role  of  the  CINCs,  who  are  heavily 
involved  in  IW.  CINC  in  this  context  focuses  primarily  on  the  regional  CINCs;  supporting 
CINCs,  such  as  Space  Command  (SPACECOM)  and  Transportation  Command  (TRANSCOM), 
are  also  involved.  CINCs  serve  as  the  chief  warfighters  for  a  given  geographical  area.  In  this 
capacity,  they  must  be  familiar  with  all  aspects  of  warfare,  and  thus  all  facets  of  IW,  from  the 
strategic  (CINCs  work  directly  for  SECDEF)  to  the  operational  (CINC’s  primary  mission)  to  the 
tactical  (CINC  subordinate  commanders).  While  each  CINC’s  organi2ational  structure  is  slightly 
different,  each  has  at  least  a  C2W  organization  and,  increasingly,  an  IW  cell. 

(3)  Department  of  the  Army.  As  mentioned  in  the  previous  chapter,  the 
Army  views  Information  Warfare  as  a  subset  of  Information  Operations.  IW  is  implemented  by 
the  military  in  the  form  of  C2W.  As  a  result,  the  majority  of  the  Army’s  efforts  are  C2W-based. 
There  are  basically  three  echelons  of  IW  endeavors:  Army  Staff,  major  command  level,  and 
other  elements.  [Ref.  29]  Table  5  shows  a  summary  of  the  different  organizations  by  echelon. 

No  details  of  specific  activities  will  be  discussed  in  this  chapter.  In  subsequent  chapters, 
references  to  some  of  these  organizations  will  be  made.  The  reader  should  note  the  C2W 
emphasis  (supported  by  intelligence)  throughout  the  Army’s  organizational  structure  (e.g., 
PSYCOM).  The  Army’s  entire  10  concept  is  centered  around  the  concept  of  a  “digitized” 
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battlefield  in  which  information  is  passed  through  all  hierarchies,  even  down  to  the  individual 
soldier. [Ref.  15]  Thus,  IW  is  vital  to  the  Army’s  future. 


ECHELON 

ORGANIZATION 

Army  Staff 

Ass’t  Secretary  of  the  Army  (Research/Development/ Acquisition)  (SARD  A) 

Office  of  the  Deputy  Chief  of  Staff  for  Operations  (ODCSOPS) 

Office  of  the  Deputy  Chief  of  Staff  for  Intelligence  (ODCSINT) 

Office  of  the  Director  of  Information  Systems  for  C4  (ODISC4) 

Major 

Intelligence  and  Security  Command  (INSCOM) 

Command 

Information  Systems  Command  (ISC) 

Training  and  Doctrine  Command  (TRADOC) 

Other 

Land  Information  Warfare  Activity  (LIWA) 

Elements 

Psychological  Operations  Command  (PSYCOM) 

Special  Operations  Command  (SOCCOM) 

Table  5.  Army  Information  Warfare  Players. [After  Ref.  29] 


(4)  Department  of  the  Navy.  TheNavy’s  view  of  Information  Warfare 
was  seen  in  the  second  chapter:  Exploit,  Protect,  and  Attack.  To  support  that  definition,  the 
Navy  is  trying  to  focus  on  the  implementation  of  IW  at  the  operational  (i.e.,  Joint  Force 
Commander  or  JFC)  level.  However,  there  still  exists  the  need  for  an  administrative  support  arm 
for  doctrine  and  policy.[Ref  32]  A  summary  of  the  Navy’s  organizations  is  provided  in  Table  6. 

On  the  administrative  side,  the  Navy’s  cryptologic  organization  (Naval 
Security  Group  or  NAVSECGRU)  has  been  designated  as  Executive  Agent  for  Navy  IW.[Ref. 
33]  This  means  that  NAVSECGRU  is  tasked  with  coordination  of  all  Navy  IW  activities.  Of 
course,  the  Navy  Staff  is  also  involved.  Specifically,  N3/5  (Plans,  Policy,  and  Operations)  and 
N64  (IW  Division)  along  with  Naval  Doctrine  Command  (NDC)  develop  requirements  and 
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systems  as  well  as  policy  and  doctrine. [Ref.  32]  In  addition,  CNET  (Chief,  Naval  Education  and 
Training)  is  implementing  formal  IW  instruction  and  training  at  all  layers,  from  entry-level 
training  (boot  camp,  officer  training,  etc.)  to  senior  officer  education  (e.g.,  Prospective 
Commanding  Officer’s  School).  [Ref  29]  However,  some  education  programs,  such  as  the  Naval 
War  College,  the  Naval  Postgraduate  School,  and  the  Naval  Academy,  fall  under  the  auspices  of 
the  Vice  Chief  of  Naval  Operations  (VCNO)  vice  CNET. 

The  operational  perspective  of  Navy  IW  centers  around  the  recently- 
formed  Fleet  Information  Warfare  Center  (FIWC).  FIWC  is  located  in  Norfolk,  Virginia,  with  a 
detachment  in  San  Diego,  California.  FIWC’s  primary  mission  is  to  assist  the  Fleet  CINCs  in  the 
creation  and  implementation  of  IW/C2W  (recall  the  Navy’s  definition  of  IW  from  Chapter  II) 
“tactics,  procedures,  and  training”.  [Ref  32]  Supporting  these  endeavors  is  the  Naval  Information 
Warfare  Activity  (NIWA)  which  provides  technical  support,  including  research  and 


development,  for  IW.  Of  course.  Naval  Intelligence  (N2)  supports  all  Navy  IW  and  C2W  efforts. 


LEVEL 

ORGANIZATION 

PRIMARY  IW  MISSION 

Administrative 

NAVSECGRU 

Executive  Agent 

N3/5 

Plans  &  Policy 

N64 

Requirements  &  Programs 

NDC 

Doctrine 

CNET 

Education  &  Training 

Operational 

FIWC 

Assist  Fleet  CINCs  in  IW/C2W  execution 

NIWA 

Develop  IW  technologies 

N2 

Provide  intelligence  support  for  IW/C2W 

Table  6.  Navy  Information  Warfare  Players. [After  Refs.  29,  32,  and  33] 
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The  Marine  Corps  also  has  an  interest  in  Information  Warfare,  albeit 
focused  mainly  on  C2W.  The  two  major  Marine  Corps  organizations  involved  are  the  National 
Plans  Branch  (NPB)  in  the  Plans,  Policy,  and  Operations  Branch  at  Headquarters,  Marine  Corps 
(HQMC),  and  the  Assistant  Chief  of  Staff  for  C4I.  The  former  is  concerned  mostly  with  IW  as  it 
relates  to  national  and  DOD  policy  while  the  latter  is  concerned  more  with  traditional  C2W 
missions  (e.g.,  EW,  OPSEC,  etc.).  Also,  the  Marine  Corps  has  created  a  working  group  to 
coordinate  efforts  with  the  other  services  as  well  as  national  organizations.  [Ref.  29] 

(5)  Department  of  the  Air  Force.  Chapter  II  outlined  the  Air  Force’s 
definition  of  Information  Warfare  which  can  be  summarized  as  enhanced  C2W  with  some  added 
value.  Towards  that  end,  the  Air  Force  has  created  an  extensive  Information  Warfare 
organizational  structure.  This  structure  can  be  broken  down  into  four  major  components: 
Direction  and  Administration,  Procurement,  Support,  and  Execution.  A  summary  table.  Table  7, 
is  provided  at  the  end  of  the  paragraphs  discussing  each  of  the  four  components. 

At  the  top  level  in  the  Air  Force,  the  Chief  of  Staff  has  directed  that  the 
Assistant  Chief  of  Staff  for  Intelligence  (ASCI)  and  the  Deputy  Chief  of  Staff  for  Operations 
(XO)  coordinate  implementation  of  IW  in  the  Air  Force.  ASCI  is  writing  the  policy  and  doctrine 
with  monitoring  and  consent  by  XO  as  well  as  by  the  Assistant  Chief  of  Staff  for  C4  (SC).  In 
turn,  the  Doctrine  branch  (XOX)  publishes  the  doctrine.  [Ref.  29]  These  organizations  form  the 
Direction  and  Administration  component. 

Procurement  of  IW  systems  is  also  important,  so  the  Assistant  Secretary  of 
the  Air  Force  for  Acquisition  (ASAF/AQ)  and  Air  Force  Materiel  Command  (AFMC)  are 
involved.  Two  primary  subsidiary  organizations  involved  are  Rome  Laboratory  and  the 
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Electronic  Systems  Center  (ESC)[Ref.  29]  Rome  Lab  deals  with  research  of  IW  systems  while 
ESC  is  focsued  on  acquisition  of  IW  systems.  These  groups  collectively  form  the  second 
component. 

Any  kind  of  IW  or  C2W  operation  needs  to  be  supported  by  intelligence 
and  thus  the  ACSI  is  involved  from  that  aspect  as  well  via  the  Air  Intelligence  Agency  (AIA)  and 
its  subordinate  specialty  organization,  the  Air  Force  Information  Warfare  Center  (AFIWC).[Ref 
29]  One  of  the  more  critical  nodes  in  this  organizational  network  is  AFIWC.  AFIWC  “supports 
operations,  campaign  planning,  acquisition  and  testing.”[Ref  34]  To  this  end,  AFIWC  provides 
Information  Warfare  Support  Teams  (IWSTs)  which  are  dedicated  to  supporting  the 
warfighter.  [Ref  34]  ASCI,  AIA,  AFIWC,  and  IWSTs  comprise  the  third  component. 

The  fourth  and  final  component  is  execution.  For  that  purpose,  the  Air 
Force  has  recently  stood  up  the  first  squadron  dedicated  entirely  to  Information  Warfare:  the 
609th.  The  actual  composition  of  materiel  and  personnel  for  this  squadron  as  well  its  specific 
missions  are  all  still  very  fluid.  [Ref  35]  An  expanded  role  for  XO  and  SC  are  anticipated  in  the 
future  in  the  Execution  component.  [Ref.  29] 


PRIMARY  MISSION  COMPONENTS 

ORGANIZATIONS  INVOLVED 

Direction  &  Administration 

XO,  ASCI,  XOX,  SC 

Procurement 

ASAF/AQ,  AFMC,  Rome  Lab,  ESC 

Support 

ASCI,  AIA,  AFIWC,  IWSTs 

Execution 

609th  IW  Squadron,  XO,  SC 

Table  7.  Air  Force  Information  Warfare  Players. [After  Refs.  29,  34  and  35] 

(6)  Other  Organizations.  Three  other  DOD  organizations  are  also  worth 
mentioning  for  their  role  in  DOD  Information  Warfare:  NSA,  DISA,  and  DIA.  Numerous  other 
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supporting  organizations  also  contribute  somewhat  to  the  Information  Warfare  mission,  but  they 
are  too  numerous  to  list  here. 

The  Defense  Intelligence  Agency  (DIA)  is  involved  in  IW  for  the 
necessary  intelligence  support  aspect  and  coordinating  the  efforts  of  the  individual  services.  [Ref 

36]  The  specifics  of  the  service  intelligence  organizations  were  seen  earlier  under  their  respective 
departments. 

The  Defense  Information  Systems  Agency  (DISA)  is  the  central  control 
point  for  Defensive  Information  Warfare  (DIW)  endeavors  within  DOD.  DISA  is  tasked  with 
defending  the  Defense  Information  Infrastructure  (DII),  the  DOD’s  component  of  the  NII.[Ref 

37]  The  major  IW  players  at  DISA  are:  the  Directorate  of  Operations  (D3),  the  Information 
Warfare  Division  (D34),  the  Center  for  Information  Systems  Security  (CISS),  and  the  Automated 
Systems  Security  and  Incident  Support  Team  (ASSIST). [Ref.  29] 

As  the  traditional  providers  of  Signals  Intelligence  (SIGINT)  (e.g.,  EW), 
the  National  Security  Agency  (NSA)  is  also  heavily  involved  in  Information  Warfare.  The 
Information  Warfare  Director  is  a  senior  level  military  officer  or  civilian  who  works  directly  for 
the  Director  of  NSA.  He  is  charged  with  representing  NSA’s  interests  and  coordinating  with 
other  agencies  and  entities.  The  Information  Warfare  Support  Center  is  found  in  G  Group. 

Other  NSA  players  include:  K  Group,  V  Group  and  X  Group.  [Ref.  29] 

Overall,  the  Department  of  Defense  is  the  largest  single  participant  of  the 
federal  government  in  the  Information  Warfare  realm.  As  prime  providers  of  national  security, 
DOD  plays  on  both  the  offensive  and  defensive  side  of  Information  Warfare.  The  numerous 
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organizations  involved  in  many  different  facets  of  IW  require  a  significant  coordination  effort 
from  the  highest  levels  within  the  department  as  well  as  from  the  individual  organizations. 

c.  Legislative/ Judicial 

Not  only  is  the  Executive  Branch  involved  with  Information  Warfare,  but  the 
other  two  branches  of  the  federal  government  are  involved  as  well.  The  Judicial  Branch  is 
obviously  involved  to  enforce  statutes  and  resolve  legal  and  constitutional  issues.  As  the 
etherealness  of  the  Information  Warfare  domain  is  placed  under  legal  scrutiny,  the  Judicial 
Branch  will  be  required  to  rule  on  enforcement  of  IW  laws.  The  legal  considerations  of  IW  will 
be  expoxmded  upon  in  a  subsequent  chapter. 

The  Legislative  Branch  has  an  important  role  to  play  in  the  creation  of  laws 
regarding  Information  Warfare.  Numerous  committees  and  subcommittees  in  both  the  Senate 
and  House  of  Representatives  have  a  role.  In  the  Senate  the  following  committees  or 
subcommittees  are  involved  in  some  fashion;  Appropriations,  Communications,  Armed  Services, 
Intelligence,  Regulation  &  Government  Information,  and  Terrorism,  Technology  and 
Government  Information.  In  the  House,  the  following  are  significant:  Appropriations,  Budget, 
Telecommunications  and  Finance,  Government  Management:  Information  and  Technology, 
Crime,  Intelligence,  National  Security,  and  Technology.  [Ref.  29] 

d.  Independent  Establishments  and  Government  Corporations 

The  last  component  of  the  federal  government  that  needs  to  be  addressed  are  the 
various  independent  establishments  and  government  corporations.  Three  obvious  examples  are 
worth  mentioning:  the  Central  Intelligence  Agency  (CIA),  the  Federal  Comminations 
Commission  (FCC),  and  the  Federal  Emergency  Management  Agency  (FEMA).  CIA  is  the 
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prime  provider  of  intelligence  at  the  national  level  so  is  an  obvious  player.  The  FCC  regulates 
communications  within  the  United  States,  both  foreign  and  domestic.  DISA  works  closely  with 
the  FCC  in  protecting  the  Dll.  FEMA  is  involved  with  IW  from  the  national  disaster  perspective, 
including  national  security  emergencies  and  terrorist  incidents.  [Ref  29] 

4.  State  and  Local  Governments 

The  role  of  state  and  local  governments  in  Information  Warfare  needs  only  to  be 
mentioned  in  passing.  More  and  mpre  states  have  enacted  statutes  for  computer  crime  and  other 
IW  issues.  Although  this  role  is  not  critical  to  this  thesis,  it  is  something  to  bear  in  mind. 

B.  THE  INFORMATION  WARFARE  FIELD 

The  Information  Warfare  playing  field  is  crowded.  A  large  number  of  organizations  have 
stated  IW  objectives.  This  chapter  has  attempted  to  give  the  reader  a  brief  overview  of  the 
multitude  of  players  involved  as  well  as  an  introduction  to  the  complexity  of  their  respective 
organizations.  By  no  means  are  these  descriptions  meant  to  be  all-inclusive.  Rather,  they  are 
designed  to  give  the  reader  a  feel  for  the  quantity  and  disparity  of  organizations  involved  in 
Information  Warfare. 

The  opening  paragraph  of  this  chapter  stated  that  under  the  Paradigm  F  structure,  anyone 
and  everyone  was  a  player  on  the  Information  Warfare  field.  While  this  may  be  very  true  to 
some  extent  (especially  in  light  of  the  myriad  of  organizations  mentioned  in  this  chapter),  there  is 
little  benefit  in  such  a  statement.  In  fact,  a  detailed  discussion  of  the  many  players  (and  not  just  a 
blanket  statement),  appropriately  partioned,  is  necessary  to  better  understand  the  Information 
Warfare  domain. 
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Of  course,  the  inclusion  of  everyone  on  the  playing  field  (albeit  hypothetically  somewhat 
segregated  by  organization)  has  its  drawbacks.  The  potential  exists  for  duplication  of  efforts  or 
even  omission  of  a  function  (under  the  presumption  that  another  organization  is  charged  with  that 
mission).  Also,  having  a  crowded  playing  field  potentially  increases  the  vulnerability  of  friendly 
forces  (the  enemy  could  easily  hide  in  the  midst  of  so  many  friendly  forces).  This  could  even 
lead  to  Information  Warfare  fratricide  (friendly  forces  may  imintentionally  destroy  or  damage  a 
friendly  asset  while  attempting  to  oust  an  enemy). 

Thus  the  central  problem  becomes  one  of  coordination.  In  order  to  be  fully  effective,  a 
central  focus  is  needed.  Although  the  many  and  varied  organizations  are  being  guided  somewhat 
by  a  common  vision,  there  is  no  clear-cut  dissemination  of  roles  and  responsibilities  from  the 
highest  levels.  This  problem  of  a  uniform  and  focused  effort  is  not  unique  to  the  organization 
problem.  In  fact,  it  was  seen  in  the  previous  chapter  on  definitions.  A  discussion  of  the 
“optimal”  organizational  configuration  is  reserved  for  Chapter  VIII. 

In  summaiy,  there  are  a  large  number  of  varied  entities  that  each  have  their  own 
objectives  and  definitions  on  the  Information  Warfare  playing  field,  and  all  are  moving  loosely  in  . 
the  same  direction.  With  such  a  force  on  the  IW  field,  the  discussion  should  next  logically  turn 
to  the  technologies  that  these  players  could,  should,  or  would  use  to  perform  their  missions. 
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IV.  INFORMATION  WARFARE  AND  TECHNOLOGY 


A.  TECHNOLOGICAL  REVOLUTION 

The  Third  Wave  revolution  has  been  brought  about  in  large  part  due  to  the  explosion  in 
technological  advances.  Technology  has  become  cheaper  and  more  powerful.  Bandwidth  for 
communications  is  increasing.  Computer  processor  power  is  doubling  every  24  months. 
Computer  memory  is  tripling  every  18  months.  Computer  storage  media  are  doubling  in  capacity 
every  24  months  while  the  cost  is  halved  every  18  months.  [Ref.  34]  Computers  are  becoming 
more  commonplace  and  are  increasingly  tied  together  via  networks.  The  Internet  is  growing 
exponentially.  Satellites  are  becoming  smaller  and  more  powerful.  Advances  in  voice,  data,  and 
video  distribution  are  leading  to  more  effective  communications.  Today’s  breakthrough 
developments  become  obsolescent  tomorrow.  More  and  more  organizations,  government  and 
commercial,  are  embracing  these  advances  with  open  arms. 

Such  is  the  dynamic  environment  for  today’s  world.  This  technological  explosion  has 
throwm  the  role  of  Information  Warfare  to  the  forefront.  Technology  has  facilitated  the  growth  of 
IW  into  an  increasingly  solid  warfare  discipline.  However,  while  enabling  IW  to  be  performed, 
technology  has  also  increased  vulnerabilities,  which,  in  turn,  leads  to  more  IW.  This  chapter  will 
explore  some  of  the  advances  that  have  brought  about  this  change.  Since  the  technological 
growth  is  moving  so  fast,  it  is  impossible  to  detail  every  new  development  here.  In  fact,  some  or 
perhaps  all  of  the  technologies  discussed  herein  will  soon  be  replaced  with  faster,  more  efficient 
ones. 
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The  goal  is  to  provide  the  reader  with  a  feel  for  the  types  of  technologies  that  can  promote 
or  degrade  Information  Warfare.  Some  specific  technologies  will  be  briefly  overviewed.’  The 
role  of  these  technologies  in  Information  Warfare  will  also  be  briefly  addressed  along  the  way. 
Subsequent  chapters  will  expound  on  some  of  the  technologies  discussed  in  this  chapter. 


B.  ENABLING  TECHNOLOGIES 

Some  might  ask  if  technology  has  a  defined  role  in  an  Information  Warfare  application, 
specifically  from  a  military  perspective.  The  answer,  of  course,  is  yes.  The  Army  is  developing 
the  “21st  Century  Soldier”  concept.  [Ref  38]  This  warrior  will  be  armed  not  only  with  a  weapon, 
but  also  with  a  computer  and  full  range  of  sensors.  Information  will  be  relayed  in  full  duplex  in 
near-real  time. 

Another  specific  IW  example  can  be  seen  in  the  Psychological  Operations  (PSYOPS) 
realm.*  The  “Commando  Solo”  aircraft  is  specially  designed  for  PSYOPS.  It  is  full  of 
communications  equipment  and  computers.  The  aircraft  is  flown  over  enemy  locations  (and  can 
even  be  used  against  a  civilian  populace).  It  plays  music  or  biased  news  broadcasts  or  even 
special  messages.  The  idea  is  to  break  down  the  enemy’s  will  to  fight.  In  fact,  this  was  used 
both  in  Operation  Desert  Storm  and  Operation  Support  Democracy.  [Ref  39]  This  platform  is  a 
fine  example  of  the  military  and  technology  working  together  to  create  a  formidable  Information 
Warfare  weapon. 


’  Throughout  this  chapter,  specific  companies  or  their  products  will  be  mentioned. 
By  no  means  do  such  references  imply  an  endorsement  for  these  goods  or  services. 

*  Recall  that  PSYOPS  are  a  subset  of  C2W  which  in  turn  is  a  subset  of  IW. 
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These  enabling  teehnologies  can  be  broken  down  into  four  major  categories  (which 
themselves  can  be  further  decomposed):  Computers  and  Networks,  Telecommunications,  Other 
Pertinent  Technologies,  and  Emerging  Technologies.  Each  of  these  categories  is  discussed  in 
further  detail  in  this  chapter.  Some  specific  examples  of  each  category  are  included.  By  no 
means  should  these  examples  be  viewed  as  all-inclusive.  Instead,  they  should  be  seen  as  an 
example  of  the  role  that  technology  plays  in  Information  Warfare.  Table  8  is  presented  at  the  end 
of  this  section  to  provide  a  summary  of  the  technologies  discussed. 

1.  Computers  and  Networks 

The  most  obvious  enabling  technology  for  Information  Warfare  is  the  computer. 
Computers  are  becoming  more  visible  in  almost  every  facet  of  society  all  over  the  world. 
Technology  is  allowing  for  more  uses  of  powerful  computers.  When  one  thinks  of  an 
“Information  Warrior,”  the  immediate  impression  is  of  someone  sitting  behind  a  computer 
terminal.  This  is  an  apt  analogy  (but  not  the  only  one);  the  computer  is  one  of  the  most  powerful 
weapons,  both  offensive  and  defensive,  that  can  be  used  in  Information  Warfare, 
a.  Computer  Advances 

As  mentioned  in  the  opening  paragraph  of  this  chapter,  computers  are  evolving  at 
dramatic  rates.  Processors,  storage,  and  memory  are  all  becoming  more  powerful  and  cheaper. 
This  leads  to  more  possibilities  for  computer  use  {e.g.,  desktop  video  teleconferencing). 
Computers  are  also  becoming  more  portable  (discussed  later  in  this  chapter),  which  facilitates 
any  IW  application  {e.g,  portable  computers  are  less  vulnerable  to  physical  attack).  Palmtop 
computers  have  emerged  that  permit  networking  and  high  processing  power  in  a  machine  that 
can  be  carried  in  a  pocket. 
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One  example  of  a  specific  robust  computer  technology  is  parallel  computing. 
Parallel  computers  execute  numerous  machine  instructions  simultaneously  (as  opposed  to 
sequentially  in  traditional  computers).  This  allows  for  faster  processing  of  more  information. 

For  today’s  world  of  massive  information  flows,  this  type  of  computer  is  a  definite  asset.  From 
an  IW  perspective,  parallel  computer  architectures  offer  some  protection  against  “chipping”^;  if 
one  processor  fails,  another  could  continue  the  work,  albeit  at  a  degraded  capability.  Along  the 
same  lines,  multiple  parallel  processors  are  easier  to  protect  because  of  their  redundancy  (if 
designed  correctly,  the  failure  of  one  does  not  preclude  continued  operation).  Finally,  once 
inside  an  enemy’s  computer  system,  our  own  parallel  computers  offer  the  ability  to  retrieve  and 
process  large  amounts  of  information.  [Ref.  40] 
b.  Networks 

A  computer  is  only  a  fancy  typewriter  or  calculator  if  it  is  not  connected  to  other 
computers.  Networked  computers  are  an  essential  part  of  today’s  world  and  thus  an  essential  part 
of  the  IW  domain.  Computers  can  be  linked  together  in  an  infinite  number  of  ways,  from  Local 
Area  Networks  (LANs)  to  Wide  Area  Networks  (WANs).  A  LAN  could  merely  connect  several 
computers  in  one  building  or  be  tapped  into  other  LANs  to  form  a  larger  network. 

Networked  computers  allow  for  more  efficient  operations.  Data  can  be  shared 
between  users.  Communications  can  be  vastly  improved  {e.g. ,  via  use  of  electronic  mail).  Users 
can  query  other  computers  and  users  through  such  things  as  the  Internet  (discussed  in  more  detail 
later).  More  powerful  software  packages  installed  on  increasingly  powerful  hardware  platforms 
facilitate  networking.  A  perfect  example  is  the  1996  release  of  Lotus  Notes  Suite.  This  product 

®  Chipping  is  an  Offensive  IW  technique  that  is  discussed  in  the  next  chapter. 
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allows  for  traditional  functions  (word  processing,  spreadsheets,  graphics  presentations,  etc.)  as 
well  as  the  interactive  sharing  of  that  information  amongst  users.  Also  included  are  such  things 
as  electronic  mail  capabilities,  interactive  database  queries,  and  Internet  access.  [Ref  41] 

While  promoting  efficiency,  this  type  of  networking  also  enhances  Information 
Warfare.  Almost  any  computer  security  expert  will  say  that  the  best  way  to  protect  a  computer  is 
to  cut  off  its  ability  to  communicate  with  other  computers.  While  this  is  a  very  true  statement,  it 
is  not  feasible  in  today’s  world.  As  organizations  become  smaller  with  an  increased  workload, 
they  must  become  more  efficient,  and  networks  facilitate  this.  Networks  demand  effective 
network  security  (discussed  later  in  this  chapter)  to  safeguard  information  (Defensive 
Information  Warfare).  At  the  same  time,  networks  allow  for  penetration  and  exploitation  by 
adversaries  (Offensive  Information  Warfare), 
c.  Internet 

The  “network  of  networks”  is  the  Internet.  The  Internet  is  a  semi-tangible, 
although  highly  ethereal,  worldwide  network  of  computers.  It  crosses  all  barriers  of  language 
and  culture.  Through  powerful  navigation  tools  such  as  Netscape,  users  can  gamer  a  wealth  of 
information  about  a  variety  of  subjects.  It  is  also  extremely  easy  to  use  via  robust  “search 
engines”.  These  tools  allow  for  the  collection  of  large  amounts  of  data  in  a  relatively  short  time. 

The  Internet  is  definitely  an  IW  weapon.  It  allows  for  the  collection  of  large 
amounts  of  open  source  intelligence  which  can  then  be  used  to  launch  IW  attacks.  In  fact,  the 
Internet  is  so  useful  that  many  organizations  need  access  to  it  to  accomplish  routine  functions. 
These  entry  points  can  serve  as  gateways  for  penetration  and  exploitation.  On  the  flip  side,  these 
same  gateways  create  headaches  for  systems  security  personnel  who  must  protect  them. 
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The  Internet  is  also  experiencing  a  major  paradigm  shift  of  its  own.  Traditionally, 
information  from  the  Internet  had  to  be  collected  with  a  software  program  that  could  interpret 
that  information  or  convert  it  to  a  usable  format  later.  If  no  such  software  tools  were  available, 
the  user  had  to  get  one  or  do  without  the  information.  Now,  however,  there  is  a  shift  to  a 
dynamic  and  virtual  Internet  whereby  needed  software  tools  could  be  made  available  upon 
request.  For  example,  a  user  requests  data  in  a  particular  format.  The  server  responding  to  the 
request  queries  the  user’s  system  to  determine  availability  of  the  required  software.  If  it  is  not 
available,  the  server  retrieves  a  temporary  copy  of  that  program  from  its  own  database  or  another 
server  and  opens  it  for  the  user.  Sun’s  Java  programming  language  (via  use  of  “applets”)  is  an 
example  of  the  first  steps  in  this  emerging  technology.  [Ref  42]  While  strengthening  data 
collection  and  analysis  capabilities,  this  technology  also  presents  new  avenues  for  attack  as  well 
as  increased  security  concerns. 

d.  Architectures 

Networked  computers  have  led  to  the  creation  of  information  architectures  at 
various  levels:  the  Global  Information  Infrastructure  (GII),  the  National  Information 
Infrastructure  (Nil)  and  the  Defense  Information  Infrastructure  (DII).  The  GII  is  currently  only  a 
vision  in  the  worldwide  community.  The  latter  two  are  specific  to  the  United  States  and  were 
mentioned  in  the  previous  chapter. 

The  GII  is  a  concept  of  a  totally  interconnected  world.  At  the  international  level, 
governments  would  be  passing  back  and  forth  anything  from  marketing  information  to  scientific 
data.  The  goal  is  to  promote  world  stability  and  prosperity  by  the  exchange  of  information  and 
technology. [Ref  43]  The  GII  also  includes  initiatives  to  involve  poorer  nations  in  the  process. 
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Such  countries  currently  do  not  have  the  supporting  technology  base  to  participate  in  the  GIL 
However,  the  GII  would  help  create  these  needed  infrastructures  by  leapfrogging  technology  (i.e, 
bypassing  the  installation  of  traditional  infrastructures  and  moving  straight  to  more  modem 
ones.  [Ref  44] 

The  Nil  is  a  more  tangible  version  of  the  GII  within  the  United  States.  It  is  an 
initiative  to  unite  federal,  state,  and  local  governments  with  the  business  and  industry  worlds. 

The  main  goal  is  to  promote  sharing  of  information  and  resources  as  well  as  to  conduct  business 
electronically.  There  is  a  national  level  task  force  (involving  all  of  the  major  players)  that  is 
overseeing  the  creation  of  the  NII.[Ref  45] 

The  DII  is  the  Department  of  Defense’s  version  of  the  NIL  It  is  being  run  by 
DISA.  The  goal  of  the  DII  is  to  provide  a  common  architecture  across  DOD  for 
communications,  information  exchange  and  processing  during  all  levels  of  conflict,  from  peace 
to  war.  [Ref  37] 

These  overarching  information  architectures  are  also  players  in  the  IW  arena.  The 
obvious  needs  for  security  in  such  large  networks  are  major  reasons  for  the  growth  of  the 
Defensive  Information  Warfare  (DIW)  industry  and  discipline.  These  kinds  of  networks  also 
provide  a  convenient  entry  point  for  network  penetration  to  accomplish  any  number  of  IW 
attacks  at  many  different  types  of  systems.  The  evolution  of  the  GII  into  reality  (if  it  does  so)  is  a 
major  consideration  for  this  thesis  and  will  be  addressed  in  a  later  chapter. 

2.  Telecommunications 

One  of  the  principal  characteristics  of  a  Third  Wave  world  is  a  reliance  on  information. 
That  information  must  be  moved  from  place  to  place.  Thus  enters  telecommunications  as  the 
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primary  medium  for  the  transfer  of  that  information.  As  information  becomes  more  and  more 
dominant  in  all  aspects  of  world  society,  the  telecommunications  industry  will  continue  to  thrive. 
This  prolific  use  of  the  electromagnetic  spectrum  abounds  with  opportunity  for  Information 
Warfare  tactics  and  techniques. 

This  portion  of  the  chapter  examines  some  of  the  existing  and  future  telecommunications 
technologies.  Three  separate  communications  groups  are  examined:  traditional  communications, 
satellite  communications,  and  cellular  communications.  Due  to  the  vast  and  dynamic  nature  of 
this  field,  not  all  possible  systems  are  explored.  Several  emerging  technologies  in 
telecommunications  are  reserved  for  a  separate  subsection  later  in  this  chapter. 

The  discussions  presented  here  present  only  a  rudimentary  examination  of  the 
technologies  in  question.  The  real  application  of  these  technologies  in  an  Information  Warfare 
environment  is  extremely  complicated.  A  detailed  analysis  of  the  many  factors  involved  (e.g., 
modulation  techniques,  error  correction  schemes,  protocols,  various  transmission  losses, 
compression  schemes,  etc.)  is  impossible  for  a  document  of  this  nature.  For  a  further  look  at  the 
workings  of  these  systems,  the  reader  is  referred  to  the  many  sources  referenced  in  this  chapter  as 
well  as  several  others  listed  in  the  Bibliography  at  the  end  of  this  document. 
a.  Traditional  Communications 

Traditional  communications  refer  mainly  to  the  use  of  “old”  (j.e.,  existing) 
infrastructures.  Although  there  is  nothing  traditional  about  the  ongoing  revolution  in  this  arena, 
it  serves  as  a  convenient  grouping  category.  Included  in  this  category  are  such  things  as 
traditional  voice  communication  (i.e.,  phone)  networks,  microwaves,  and  fiber  optics,  with  an 
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increasing  transition  from  analog  to  digital  technology.  Each  of  these  specific  categories  has  its 
own  input  to  the  world  of  Information  Warfare. 

(1)  Copper  Wire  Telephone  Communications.  Today’s  telephone  is  more 
than  an  instrument  for  voice  communications.  With  a  modem  and  a  computer  attached,  a 
telephone  line  serves  as  a  gateway  to  the  networked  world.  Existing  telephone  systems  can  pass 
voice,  data,  and  even  video.  Current  initiatives  and  emerging  systems  allow  for  an  even  more 
efficient  (i.e.,  higher  throughput)  transmission  of  this  information  using  existing  systems  (with 
different  modulations  techniques)  as  well  as  using  entirely  new  systems  (ISDN,  fiber  optics,  etc.). 
This  leads  to  an  infrastructure  that  is  increasingly  vulnerable  to  Information  Warfare. 

A  basic  understanding  of  the  most  conunon  type  of  telephone 
communication  is  necessary  before  proceeding.  A  typical  phone  call  requires  the  conversion  of 
voice  data  into  electronic  form  that  can  be  transmitted  over  copper  wire  to  the  receiving  end. 

The  telephone  number  dialed  sets  the  path  that  will  be  taken  by  the  message.  Basically  the  path 
goes  from  the  phone  to  a  local  loop,  through  a  telephone  company  switch,  through  a  series  of 
interexchange  channels  (IXCs),  through  a  switch  near  the  receiving  end,  and  finally  into  the 
receiving  party’s  phone  where  the  signal  is  reconverted  into  voice  format. [Ref.  46]  This  path  is 
known  as  a  voice  grade  circuit  (VGC).  A  VGC  in  the  public  domain  is  most  often  accomplished 
via  the  Public  Switched  Network  (PSN),  which  is  typical  phone  service  where  equipment  is 
shared  by  a  multitude  of  users.  Another  option  is  using  a  dedicated  line  to  establish  a  private 
connection;  this  requires  an  exclusive  line  not  shared  by  the  public. 

In  the  past,  the  majority  of  this  voice-to-electronic  signal  conversion  had 
been  accomplished  via  analog  techniques.  Today,  the  push  is  almost  entirely  digital,  using  not 
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only  existing  copper  wire  paths,  but  also  new  transmission  media.  The  main  focus  is  on 
increasing  the  bandwidth  (and  thus  throughput)  of  transmissions.  A  VGC  can  accommodate  up 
to  19.2  kbps  (kilobits  per  second).  Other  related  terms  and  data  rates  include:  narrowband 
circuits  (56  kbps  to  1.5  M(mega)bps),  wideband  circuits  (1.544  {i.e.,  T1  line)  Mbps  to  45  Mbps 
(z.e.,  T3  line)),  and  broadband  circuits  (greater  than  45  Mbps).  [Ref.  47] 

(2)  Integrated  Services  Data  Network  (ISDN).  One  example  of  these  new 
initiatives  is  the  leased  service  called  Integrated  Services  Data  Network  (ISDN).  The 
transmission  medium  for  ISDN  is  either  coaxial  cable  {e.g.,  like  the  one  used  for  standard 
television  cable  service)  or  microwave  (discussed  later).  There  are  two  types  of  ISDN  service: 
basic  access  and  primary  access.  Basic  access  is  designed  primarily  for  the  individual  user  or 
small  business.  It  is  a  digital  multiplexing  technique  that  uses  two  64  kbps  “B”  chaimels  for 
transmission  of  voice,  data,  or  video  (including  such  things  as  Internet  access)  and  a  1 6  kbps  “D” 
channel  for  signaling  and  control.  The  two  B  channels  can  also  be  combined  to  form  a  single 
128  kbps  channel.  Primary  access  is  intended  for  use  by  larger  entities.  It  consists  of 
multiplexing  numerous  B  channels.  There  are  different  standards  for  the  United  States  (23  B  and 
1  D  channels)  and  Europe  (31  B  and  1  D  channels). [Ref  46] 

ISDN  is  fully  compatible  with  Information  Warfare.  The  increased  data 
throughput  means  faster  data  collection  and  analysis  capability.  New  transmission  media  {e.g., 
coaxial  cable)  requires  development  of  new  penetration  technologies.  As  ISDN  becomes  more 
prolific,  more  players  could  become  involved  {i.e.,  increased  availability  and  ease  of  use 
promotes  IW  potential).  New  methods  to  maintain  security  is  also  a  concern. 
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(3)  Microwave  Communications.  Another  pertinent  technology  is 


microwave  transmission.  Microwave  transmissions  involve  direct  line-of  sight  transmissions 
over  Super  High  Frequency  (SHF)  ranges  (1  to  30  Ghz  (Gigahertz))  between  two  points. 
Microwave  technology  provides  many  of  the  same  services  as  offered  by  copper  wire 
transmissions  (voice,  video,  or  data),  but  at  a  much  higher  throughput  (over  100  Mbps  in  some 
high-end  digital  systems  [Ref.  48])  using  multiple  channels.  Microwave  antennas  are  generally 
moimted  on  towers  that  are  spaced  25  to  30  miles  apart.[Ref.  47]  Microwave  transmissions  can 
be  either  analog  or  digital.  They  can  be  used  for  anything  from  long-distance  telephone  service 
to  college  campus  network  transmissions  to  military  digital  networks.  [Ref  48] 

Microwave  communications  offer  great  opportunities  for  Information 
Warfare.  Microwave  transmissions  have  been  susceptible  to  classic  Electronic  Warfare 
techniques  (i.e.,  interception,  jamming,  etc.)  since  their  inception.  Increasingly,  digital 
transmissions  at  high  data  rates  demand  a  refinement  of  old  methods.  As  new  applications  for 
microwaves  are  developed  (e.g.,  LANs),  new  security  and  penetration  issues  also  emerge. 

(4)  Fiber  Optics  Communications.  A  final  example  of  a  new  application 
of  traditional  telecommunication  technology  is  fiber  optics.  Fiber  optics  is  a  new  and  more 
efficient  way  to  perform  traditional  functions,  from  phone  and  data  service  to  LAN  connectivity. 
New  applications  for  fiber  optics  are  also  emerging  and  will  be  discussed  in  the  section  on 
emerging  technologies. 

Fiber  optics  technology  involves  the  transmission  of  a  light  wave. 
Information  is  converted  from  its  natural  state  of  electric  pulses  into  a  series  of  light  pulses.  An 
optical  source  (such  as  laser  emitting  diode  (LED))  then  transmits  these  pulses  from  one  terminal 
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to  another  through  very  thin  (but  shielded)  glass  strands.  Along  the  way,  repeaters  (generally 
spaced  no  more  than  30  miles  apart)  regenerate  the  pulses  to  maintain  integrity  of  the 
transmission.  At  the  receiving  end,  the  light  pulses  are  then  reconverted  to  electric  format  for 
use.  [Ref  47] 

Fiber  optics  offer  many  advantages  over  older  communications  media.  It 
offers  virtually  infinite  bandwidth.  Fiber  optics  components  are  smaller,  lighter,  and  more 
flexible  than  other  communications  systems.  Transmissions  are  not  very  vulnerable  to 
electromagnetic  interference.  Also,  fiber  optics  are  relatively  secure;  transmissions  are  hard  to 
intercept  undetected. [Ref.  48]  However,  one  drawback  is  that  fiber  optics,  like  most  traditional 
communications,  are  not  very  portable.  Thus,  the  potential  uses  of  fiber  by  organizations  that 
depend  on  mobility  (i.e.,  the  military)  are  limited. 

Thus,  fiber  optics  offer  large  challenges  and  potential  for  Information 
Warriors.  Unlimited  bandwidth  theoretically  means  unlimited  throughput  (limited  only  by  the 
transmission  technology).  Security  administrators  on  the  DIW  side  can  breathe  a  little  easier 
with  a  fiber  optics  system.  On  the  flip  side,  OIW  players  are  challenged  to  penetrate  fiber  optics 
systems  undetected. 

b.  Satellite  Communications 

Satellite  communications  are  a  mainstay  of  today’s  traditional 
telecommunications  environment  (as  discussed  in  the  previous  section).  They  also  offer  other 
applications,  from  military  {e.g.,  reconnaissance)  to  commercial  {e.g,  VS  AT— discussed  below) 
to  private  {e.g. ,  television  and  telephone  service).  Each  of  these  applications  offers  potential  use 
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in  another  Information  Warfare  to  the  extent  that  satellite  communications  deserve  a  section  of 


their  own. 

The  basic  groimd  satellite  transmission  begins  with  a  user  requirement.  The 
information  (voice,  data,  or  video)  is  sent  to  a  ground  station  via  traditional  telecommunications 
media.  This  information  is  then  transmitted  (“uplinked”)  to  an  orbiting  satellite.  This 
information  can  be  passed  to  other  satellites  but  eventually  is  transmitted  (“downlinked”)  to  the 
receiving  groimd  station.  Finally  the  information  is  sent  to  the  user  on  the  receiving  end  via 
traditional  methods.  [Ref.  46]  The  actual  process  is  much  more  detailed  due  to  a  large  number  of 
variables  {e.g.,  satellite  orbit,  distances,  frequency  ranges,  etc.),  but  is  presented  here  in 
simplified  format  to  ensure  a  basic  understanding  of  the  technique. 

Satellite  communications  offer  both  advantages  md  disadvantages.  They  offer 
high  throughput  with  low  error  rates  at  relatively  stable  costs.  However,  satellites  are  not  easily 
designed  or  launched  and  always  involve  a  delay  in  time  (due  to  the  large  distances  signals  must 
travel).  They  are  also  susceptible  to  interference  and  interception  (although  they  are  becoming 
increasingly  less  vulnerable  due  to  such  things  as  new  modulation  techniques  {e.g..  Code 
Division  Multiple  Access— CDMA)). [Refs.  47  and  48]  In  any  case,  satellites  are  a  definite  part  of 
the  telecommunications  world  into  the  foreseeable  future. 

A  large  portion  of  the  current  initiatives  in  new  satellite  technology  are  Low  Earth 
Orbit  (LEO)  satellite  projects.  A  LEO  satellite  orbits  very  quickly,  fairly  close  to  earth  (generally 
below  1000  km  [Ref  49]).  Since  the  area  of  coverage  by  LEO  satellites  is  less  than  higher  orbit 
ones,  more  satellites  are  required.  Two  examples  of  ongoing  LEO  projects  are  Iridium  and 
Teledesic.  Iridium  is  expected  to  be  operational  in  1998  and  will  consist  of  66  satellites  and  six 
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spares  orbiting  anywhere  from  670  km  [Ref.  50]  to  780  km  [Ref.  51]  above  the  earth.  One  of  the 

most  comprehensive  and  concise  views  of  Iridium  says  that  Iridium,  which  will  virtually 

eliminate  the  need  for  ground  stations,  can  be  best  defined  as 

a  wireless  personal  communication  network  designed  to  permit  any  type  of 
telephone  transmission  -  voice,  data,  fax,  paging  -  to  reach  its  destination 
anywhere  on  earth,  at  any  time.  It  will  revolutionize  worldwide  communications 
in  the  commercial,  rural,  and  mobile  sectors  by  providing  portable  universal 
service.  [Ref.  50] 

On  the  other  hand,  Teledesic,  expected  to  be  operational  by  2001,  is  envisioned  to  have  840 
satellites  with  as  many  as  84  spares,  orbiting  at  about  700  km.[Ref.  51]  While  Iridium  is  focused 
on  cellular  communications,  Teledesic  will  target  the  data  communications  environment,  with 
such  ideas  as  a  wireless  Internet.  [Ref  52] 

At  least  three  other  specific  technologies  in  the  satellite  realm  are  worth 
mentioning.  These  are  the  Direct  Broadcast  Satellite/Global  Broadcast  Service  (DBS/GBS), 
Very  Small  Aperture  Terminals  (VSATs),  and  International  Maritime  Satellite  (INMARSAT). 
DBS  is  a  new  one-way  (“broadcast”)  technique  for  disseminating  video  products  (i.e.,  television) 
on  200  possible  channels  at  a  high  rate  (23  or  30  Mbps)  to  individual  subscribers  with  small 
satellite  dishes.  The  satellite  constellation  consists  of  three  geostationary  satellites  orbiting  at 
35,680  km.[Ref.  53].  GBS  is  a  DOD  initiative  built  on  the  ideiis  of  DBS.  GBS  allows  one-way 
transmission  of  critical  information  at  up  to  23  Mbps  to  deployed  warfighters.  [Ref  54] 

Currently,  the  military  is  using  existing  commercial  geostationary  satellites  for  these 
transmissions.  The  goal,  however,  is  to  have  a  dedicated  military  geostationary  constellation  for 
GBS.  VS  AT  is  a  low-cost  technique  that  is  currently  in  use  in  commercial  enterprises  around  the 
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world.  For  example,  credit  card  transactions  use  VS  AT  terminals  for  verification.  VS  AT 
communications  occur  at  speeds  up  to  64  kbps. [Ref  48] 

INMARSAT  is  an  old  system  (1979)  that  was  originally  designed  for  maritime 
communications.  Today,  INMARSAT  is  used  around  the  world  on  ships  as  well  as  on  land  and 
in  aircraft.  Several  different  INMARSAT  systems  exist  today.  INMARSAT-A  is  the  old 
maritime  standard  for  voice  and  low-rate  data  transmissions.  INMARSAT-B  is  an  improved 
version  of  INMARSAT-A  that  uses  digital  technology  and  allows  faster  data  transmissions  (up  to 
64  kbps).  INMARS AT-M  is  a  portable  voice  and  data  system  (2400  bps).  INMARSAT-C  is  an 
even  smaller,  but  slower  (600  bps),  portable  system.  Additionally,  several  types  of  aircraft 
systems  exist.  INMARSAT  satellites  are  geostationary  (35,786  km).  In  the  future,  improved 
satellites  are  scheduled  to  be  launched  as  well  as  a  whole  new  system  (ICO  or  INMARSAT-P) 
that  will  offer  an  alternative  to  cellular  communications.  [Ref.  55] 

Each  of  the  satellite  technologies  discussed  have  OIW  or  DIW  potential  (or  both). 
Satellite  transmissions  are  vulnerable  to  classic  EW  techniques.  Broadcast  systems  allow  for 
transmission  of  very  high  data  rates.  While  this  may  increase  the  information  advantage,  such 
systems  are  also  vulnerable  to  interception  and  jamming.  The  VS  AT  infi-astructure  offers 
potential  for  clandestine  activities.  Who  is  going  to  question  a  VSAT  terminal  ostensibly  used 
for  verifying  credit  card  purchases  in  a  third  world  country?  In  reality,  such  terminals  could 
serve  as  a  laimch  pad  for  IW  attacks  against  friendly  nations  by  terrorist  organizations,  for 
example. 

An  increasing  reliance  on  LEO  systems  will  clutter  the  LEO  space  environment 
which  enhances  the  IW  potential.  For  example,  an  OIW  team  penetrates  a  satellite  control 
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computer  system  and  changes  one  or  more  of  the  satellite’s  orbital  parameters  (most  satellites  are 
programmable  and  steerable).  The  resulting  orbit  change  could  cause  a  collision  with  another 
satellite  which  causes  a  catastrophic  chain  reaction  (picture  the  900  new  satellites  conceived  in 
the  Iridium  and  Teledesic  projects  along  with  the  systems  that  are  already  in  place).  Although 
this  scenario  seems  a  bit  drastic  and  perhaps  far-fetched,  it  is  feasible.  Other  lesser  means,  could 
include  merely  turning  the  satellites  off  at  a  critical  time  or  causing  certain  components  to  fail  at 
a  predetermined  time. 

c.  Cellular  Communications 

One  of  the  hottest  topics  in  the  telecommunications  world  today  is  cellular 
communications.  They  began  in  the  1970s.  By  1985,  an  analog  cellular  standard,  called 
Advanced  Mobile  Phone  System  (AMPS)  was  in  place  in  the  United  States.  However,  the  push 
towards  digitization  has  created  several  new  standards  in  the  U.S.  These  new  standards  mark  a 
change  from  mostly  Frequency  Division  Multiple  Access  (FDMA)-type  schemes  to  a 
combination  of  FDMA  and  either  Time  Division  Multiple  Access  (TDMA)  or  CDMA 
techniques.  The  current  European  standard  is  known  as  the  Global  System  For  Mobile 
Communication  (GSM)  and  uses  TDMA  and  FDMA.  Other  parts  of  the  world  have  their  own 
cellular  standards  which  are  not  necessarily  compatible  with  U.S.  or  European  standards  (which 
are  currently  incompatible  with  one  other). [Ref.  56] 

An  infinite  number  of  cellular  system  configurations  is  possible.  The  simplest 
system  might  consist  of  one  or  more  radios,  cellular  antennas  (possibly  including  satellites)  and  a 
supporting  infrastructure  (e.g.,  telephone  switching  company).  In  this  basic  system,  an  individual 
places  a  call  with  a  cellular  phone  while  driving  in  a  car.  The  call  is  routed  through  the  nearest 
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cellular  antenna  and  is  routed  to  a  mobile  telephone  switching  station.  The  call  then  enters  the 
traditional  telephone  switching  network  (land  lines  or  satellites),  where  another  individual 
receives  the  call  on  a  standard  wall-mounted  phone.  As  the  conversation  continues,  the  driver  of 
the  car  begins  to  fade  from  the  cellular  antenna’s  coverage  and  begins  to  be  picked  up  by  another 
antenna.  The  call  is  then  automatically  “handed  off’  to  this  new  cellular  antenna.  These 
geographic  sectors  of  control  by  one  or  more  cellular  antennas  are  called  “cells”  and  are  roughly 
hexagonal  in  shape.  Cellular  transmissions  are  generally  low  power.  Thus,  antennas  are  fairly 
close  together  (no  more  than  40  or  50  miles  apart).  [Ref.  56] 

The  fixture  for  cellular  communications  is  exciting.  One  current  trend  in  cellular 
technology  is  Personal  Communications  Services  (PCS).  PCS  is  an  extension  of  digital  cellular 
techniques  to  create  wireless  networks  that  are  very  portable,  even  down  to  the  individual  user 
for  the  transmission  of  voice,  data,  or  video.  These  PCS  networks  will  be  able  to  directly  tap  into 
existing  infi-astructures  such  as  the  public  switching  stations.  Of  course,  PCS  will  require  the 
emergence  of  a  very  sophisticated  supporting  infrastructure  (the  details  of  which  are  not  fully 
defined).[Ref  57]  Other  future  trends  include  such  things  as  navigation  and  positional  data  via 
cellular  phones.  Cellular  antennas  will  also  evolve  to  “microcells”  which  are  mounted  on 
lampposts  and  cover  1000  meters.  [Ref.  56]  Another  trend  is  the  Mobile  Internet  Protocol  (IP) 
concept  which  will  facilitate  access  to  the  Internet  via  cellular  systems.[Ref  58] 

One  of  the  greatest  problems  presented  by  the  onslaught  of  cellular  technology, 
and  thus  one  of  its  greatest  contributions  in  the  Information  Warfare  domain,  is  security. 
Numerous  concerns  exist  about  the  lack  of  security  in  today’s  cellular  environment.  These 
problems  must  be  overcome  in  order  for  cellular  communications  to  evolve  into  a  secure  and 
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reliable  alternative  to  traditional  communications.  An  efficient  cellular  security  plan  must 
safeguard  at  least  the  following  information:  call  setup  information  (e.g.,  calling  card  information 
for  a  long  distance  call),  voice  and  data  information,  users’  locations,  users’  identification,  and 
users’  calling  patterns.  From  an  offensive  standpoint,  any  of  those  vulnerabilities  could  be 
exploited  or  attacked  at  any  number  of  different  areas  of  the  cellular  system:  transmission  towers, 
switches,  cellular  or  phone  company  databases,  network  intercoimects,  roaming  service  provider, 
the  cellular  phones  themselves,  etc.  At  least  four  different  security  schemes  are  in  place  or 
emerging  in  the  cellular  world:  Mobile  Identification  Number/Electronic  Serial  Number 
(MIN/ESN)  (an  AMPS  security  system).  Shared  Secret  Key  Data  (SSD)  (for  use  by  PCS  systems 
with  CDMA  or  TDMA),  Token  Based  Security  Triplets  (for  the  GSM  standard),  and  Public  Key 
(an  emerging  technique  whose  details  and  applicability  have  not  yet  been  fully  defined).  For 
further  information  on  these  systems  and  a  detailed  introduction  to  cellular  security,  the  reader  is 
referred  to  Chapter  10  of  Wireless  And  Personal  Communications  Systems.  [Ref.  56] 

3.  Other  Pertinent  Technologies 

Several  other  key  technologies  cannot  be  ignored  in  the  Information  Warfare  domain. 
Several  have  been  hinted  at  already  but  require  additional  discussion  of  their  own.  These 
include:  sensors  and  space,  security,  and  a  “miscellaneous”  category  (for  small  but  important 
points  that  do  not  conveniently  fall  into  any  of  the  other  categories). 
a.  Senors  and  Space 

Sensors  and  space  will  have  increasingly  important  roles  in  Information  Warfare. 
The  current  trend  in  satellite  and  sensor  technology  is  a  decrease  in  cost  and  size  with  a 
commensurate  increase  in  performance.  As  the  world  becomes  more  networked  and  conflicts 
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become  more  localized,  the  uses  of  satellites  will  become  more  prolific.  These  types  of  satellites 
must  also  have  a  wide  variety  of  very  accurate  sensors  that  transmit  their  data  in  near-real  time 
and  should  be  able  to  be  launched  locally.  At  the  same  time,  such  sensors  should  be  mostly 
passive  and  increasingly  visual  (the  mindset  of  “a  picture  is  worth  a  thousand  words”  enters 
here).  Of  course,  sensor  technology  need  not  be  solely  space-based.  The  scenario  described  in 
Chapter  I  calls  for  microsensors  with  diverse  capabilities  (infrared,  visual,  acoustic,  etc.). 
Technology  allows  for  this  scenario  to  evolve  into  reality.  [Ref  6] 

b.  Security 

Security,  the  cornerstone  of  the  defensive  side  of  IW,  has  been  discussed  at 
several  points  in  the  sections  on  specific  technologies.  Yet,  at  least  one  additional  element  needs 
to  be  specifically  addressed,  that  of  network  security.  Network  security  involves  everything  from 
encryption  to  authentication  to  firewalls.  One  should  bear  in  mind  that  a  network  in  this  context 
can  be  anything  from  a  LAN  to  a  WAN  to  an  individual  computer  hooked  to  the  Internet. 
Although  network  security  is  a  DIW  component  (whereas  this  thesis  is  focused  mainly  on  OIW), 
an  imderstanding  of  the  defenses  is  necessary  to  effectively  break  them.  Although  no  network 
can  ever  be  totally  secure,  effective  steps  can,  and  should,  be  taken.  Network  security  is  more 
than  a  series  of  techniques;  it  is  a  state  of  mind  that  must  be  cultivated  and  maintained. 

Any  network  that  wants  to  protect  itself  from  unauthorized  access  needs  to  have 
safeguards  in  place  to  keep  out  unwanted  users.  One  way  to  do  that  is  by  use  of  a  firewall.  A 
firewall  serves  as  a  filter  to  keep  unwanted  users  and  unwanted  traffic  out  of  the  network.  [Ref 
29]  It  is  basically  an  added  layer  (or  layers)  in  the  security  structure.  Of  course,  no  firewall  is 
perfect  and  firewalls  themselves  are  vulnerable.  In  fact,  while  a  firewall  may  stop  or  slow  down 
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a  hacker,  those  efforts  can  be  directed  against  the  firewall  as  well.  If  the  firewall  goes  down, 
external  network  activity  could  cease  altogether.  Of  course,  this  scenario  presents  a  whole  new 
set  of  problems  which  must  be  dealt  with.  [Ref  59] 

Firewalls  are  not  the  ultimate  security  tool  (a  common  misperception).  One  could 
say  that  a  firewall  can  be  seen  as  something  with  “a  hard,  crunchy  outside  with  a  soft  chewy 
center”.  In  other  words,  they  offer  a  false  sense  of  security,  because,  they,  too  are 
vulnerable.  [Ref  60]  They  may  be  set  up  to  prevent  certain  types  of  traffic  (e.g.,  unauthorized  e- 
mail)  while  they  offer  very  little  protection  from  other  problems  (e.g.,  viruses).[Ref  61]  Also, 
while  firewalls  may  prevent  intrusion,  they  may  also  limit  functionality  of  the  network  by 
imposing  additional  restrictions  on  the  users.  [Ref  29] 

Niunerous  firewall  products  are  easily  available  in  the  commercial  market.  In 
fact,  the  Internet  is  often  a  good  source  for  finding  vendors  of  such  products,  including  composite 
lists  of  product  overviews  and  addresses  [Ref  62]  One  example  of  such  a  firewall  tool  is  Black 
Hole.  Black  Hole  is  a  product  of  a  Canadian  company  called  Milkyway  Networks,  Inc.  (which 
currently  controls  seventy  percent  of  the  network  security  environment  in  Canada).  It  is  used  to 
prevent  unauthorized  aecess  to  a  network  in  general,  especially  to  sensitive  information  such  as 
accounting  data.  [Ref  63] 

Once  a  user  gains  access  to  the  network,  an  authentication  process  must  occur  to 
ensure  the  user  is  valid.  Traditionally,  this  has  been  done  via  use  of  passwords  and  related 
techniques.  Of  course,  this  information  must  also  be  protected  in  order  to  be  effective.  If  a 
perpetrator  gains  access  to  either  the  password  database  or  is  able  to  crack  individual  passwords, 
then  the  network  is  compromised.  Often,  users  facilitate  this  by  choosing  easily  guessable  or 
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crackable  passwords.  Ways  to  improve  this  process  include  use  of  one-time  or  frequently 
changing  passwords  as  well  as  a  process  for  ensuring  chosen  passwords  are  “good”.  Also,  the 
passwords  must  be  adequately  protected  from  compromise.  [Ref.  29] 

Newer  authentication  techniques  are  also  emerging.  One  example  is  an  individual 
user  card,  similar  to  a  credit  card  or  a  bank  card  (e.g. ,  the  Fortezza  card).  This  card  contains  all 
essential  user  information  and  must  be  inserted  and  validated  prior  to  being  given  access  to  the 
network.  While  this  improves  security  substantially  (a  perpetrator  must  gain  physical  possession 
of  a  card  or  bypass  the  enabling  software),  it  is  not  foolproof  Another,  and  much  more  reliable 
technique  is  a  biometric  verification.  This  involves  the  use  of  a  physical  authentication  process 
unique  to  every  user,  such  as  a  fingerprint  or  retina  scan.  The  future  will  show  an  increased  use 
of  these  more  secure  techniques  (cards  and  biometrics),  especially  as  the  associated  costs 
decline.  [Ref.  29] 

A  final  network  security  technique  is  encryption.  Encryption  can  occur  in 
beisically  two  different  ways;  on-line  (encryption  occurs  just  prior  to  transmission)  or  off-line 
(encryption  occurs  shortly  after  material  is  composed  and  before  transmission).  The  two  main 
types  of  on-line  encryption  are  end-to-end  (encryption  occurs  once)  and  link  (encryption  occurs 
several  times  along  the  transmission  path).  Off-line  encryption  deals  mainly  with  local 
encryption  of,  for  example,  password  files.  [Ref  47] 

Essential  to  understanding  any  kind  of  encryption  technique  or  specific  product  is 
a  knowledge  of  the  key  systems  involved.  A  key  is  basically  the  mechanism  (hardware,  software, 
or  both)  whereby  the  encrypted  transmission  is  decrypted.  Keys  can  be  either  private  (where 
both  parties  use  the  same  key)  or  public.  In  the  public  key  scheme,  each  party  has  two  keys:  a 
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private  one  (which  should  never  be  shared)  and  another  one  that  is  made  available  to  other  users. 
Both  keys  are  needed  to  encrypt  and  decrypt  a  message.  A  concept  related  to  the  public  key 
system  is  key  escrow.  Key  escrow  trusts  a  neutral  third  party  (the  escrow  agent)  with  part  of  the 
key.  The  escrow  agent  would  only  surrender  their  key  when  asked  to  by  the  parties  involved  or 
when  dictated  by  court  order.  The  legal  ramifications  of  key  escrow  are  great  and  thus  are  topics 
of  considerable  controversy.  Several  different  encryption  tools,  focused  mainly  on  electronic 
mail,  are  available.  These  include:  RSA  (Rivest,  Shamir,  and  Adleman),  Privacy  Enhanced  Mail 
(PEM),  Pretty  Good  Privacy  (PGP),  Digital  Encryption  Standard  (DES),  Public  Key 
Cryptography  Standard  (PKCS),  Kerberos,  S/MIME  (Secure  Multimedia  Internet  Mail 
Extensions),  SKIPJACK,  etc.  Details  of  each  of  these  techniques  (and  others)  can  be  found  in 
any  number  of  sources,  some  of  which  are  included  in  the  Bibliography.  [Refs.  29  and  64] 

Perhaps  the  most  critical  factors  in  effective  network  security  are  a  realization  of 
the  problem  and  education.  When  coupled  with  user-unique  encryption  and  verification 
techniques  (such  as  the  highly  successful  and  relatively  new  Fortezza  card),  near  total  (absolute 
total  is  never  possible)  integrity  of  a  network  is  possible.  An  effective  training  program,  where 
users  at  all  levels  are  taught  proper  precautions,  practical  use,  and  timely  incident  reporting 
procedures,  is  essential.  Some  form  of  effective  enforcement  {e.g. ,  fines  or  disciplinary  action) 
must  also  be  established  to  ensure  users  remain  vigilant.  Regular  (but  not  predictable)  drills 
should  also  be  held  to  ensure  compliance  and  facilitate  development  of  security  consciousness. 
Such  drills  should  be  implemented  by  a  third  party  so  that  effective  training  is  also  conducted  for 
network  administrators.  Only  by  changing  the  mindset  of  all  users  and  administrative  personnel 
can  near  total  network  integrity  be  maintained. 
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c.  Miscellaneous 

Several  other  technologies  and  processes  are  also  worth  mentioning  briefly. 
Miniaturization  is  a  key  feature  of  today’s  technological  developments.  While  the  push  is 
towards  more  power  and  capability,  such  developments  must  also  be  smaller  and  more 
lightweight.  Portability  is  also  a  key  feature  of  emerging  technologies,  in  anything  from 
computers  to  cellular  phones.  This  requires  use  of  new  materials  and  processes  to  develop  long- 
lasting  and  reliable  batteries  (or  other  power  generation  schemes)  so  that  the  technologies  can  be 
effectively  employed.  Miniaturization  and  portability  facilitates  the  use  of  Information  Warfare 
down  to  the  individual  user  level  if  necessary.  A  final  area  of  consideration  in  the  current 
technology  domain  is  that  of  simulation.  Shrinking  budgets  dictate  innovative  training 
techniques.  Highly  developed  technologies  allow  for  relatively  cheap  and  effective  training. 
Perhaps  the  most  vivid  example  is  the  rapid  proliferation  of  virtual  reality  (VR).  VR  training  is 
quickly  becoming  a  mainstay  for  training  in  many  different  domains  (commercial,  industry, 
military,  etc.).  Of  course,  these  technologies  can  also  be  exploited,  as  will  be  discussed  in  the 
following  chapter. 

4.  Emerging  Technologies 

A  final  category  in  the  description  of  enabling  technologies  are  emerging  technologies. 
This  category  includes  not  only  non-traditional  types  that  represent  the  future  of  technology  and 
warfighting  {e.g.,  neural  networks,  artificial  intelligence,  etc.)  but  also  new  uses  or  extensions  of 
emerging  technologies  {e.g.,  wireless  networks,  Switched  Multi-megabit  Data  Service,  Fiber¬ 
optic  Link  Around  the  Globe,  etc.).  Two  main  groupings  in  this  category  can  be  viewed:  network 
functions  and  cognitive  technologies.  Several  other  areas  could  also  be  addressed  {e.g.. 
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emergence  of  new  materials  for  construction  and  manufacturing).  While  important,  the  nature  of 
this  thesis  precludes  an  in-depth  (or  even  cursory)  look  at  every  technological  possibility. 

a.  Network  Functions 

As  the  networked  world  emerges  as  the  status  quo,  technology  is  focusing  on  new 
and  improved  ways  to  transmit  information  quicker  and  more  efficiently.  Several  technologies 
that  should  be  included  in  this  category  are:  Switched  Multi-megabit  Data  Service  (SMDS), 
Asynchronous  Transfer  Mode  (ATM),  and  Synchronous  Optical  Network  (SONET).  SMDS  is 
“a  high  speed  (1.544M  and  45M  bps),  connectionless,  public  packet  switched  service  that  can 
provide  LAN-like  performance  and  features  over  a  metropolitan  area.”[Ref.  47]  SMDS  uses  the 
existing  telephone  infrastructure  and  the  cell  relay  technique'®  to  provide  high  data  rates  in  a 
given  geographic  area.  ATM  is  a  similar  cell  relay  technology  with  speeds  from  45  Mbps  to  600 
Mbps  [Ref.  46].  SMDS  and  ATM  offer  greater  flexibility  in  that  a  message  can  be  split  up  and 
sent  over  any  number  of  different  paths,  thus  increasing  chances  of  receipt,  even  if  some  parts  of 
a  network  are  down.  [Ref.  29]  SONET  is  a  fiber  optics  technology  (thus  requiring  installation  of 
a  fiber  infrastructure)  that  offers  extremely  high  data  rates,  from  51.8  Mbps  to  2.4  Gbps  [Refs.  46 
and  47],  as  well  as  the  advantages  of  fiber  (see  section  B2a(4)  in  this  chapter).  In  each  case,  data 
is  transmitted  faster  in  a  more  complicated  manner.  This  provides  opportunities  and 
vulnerabilities  in  both  OIW  and  DIW. 

Extensions  of  new  technology  are  also  leading  to  the  creation  of  new 
infrastructures.  One  prominent  example  of  this  is  the  Fiber-optic  Link  Aroimd  the  Globe 

Cell  relay  uses  fixed  length  “cells”  that  are  transmitted  individually  and  then 
reassembled  at  the  receiving  end.  Cell  relay  is  faster  than  its  competitor,  frame 
relay.  [Ref.  48] 
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(FLAG).  FLAG  is  a  project  which,  when  completed  in  1997,  will  link  Great  Britain  and  Japan 
with  a  27,300  km  undersea  fiber  optics  link.  This  system  will  have  landing  points  in  Spain,  Italy, 
Egypt,  United  Arab  Emirates,  India,  Malaysia,  Thailand,  Hong  Kong,  China,  and  Korea.  The 
fiber  optics  link  will  carry  data  at  a  rate  of  5.3  Gbps  which  will  be  parsed  into  120,000 
VGCs.[Ref  65]  This  innovative  project  provides  enormous  potential  for  Information  Warfare. 
In  fact,  FLAG  could  serve  as  an  entry  point  for  IW  operations. 

b.  Cognitive  Technologies 

The  second  major  division  of  emerging  technology  lies  in  the  realm  of  cognitive 
technologies.  Cognitive  technologies  include  such  things  as  artificial  intelligence  and  neural 
networks.  They  represent  perhaps  the  area  of  greatest  growth  in  the  technology  domain  and 
perhaps  the  field  which  holds  the  greatest  potential  for  Information  Warfare.  Since  one  key 
aspect  in  any  war  is  getting  inside  the  enemy’s  mind  and  wreaking  havoc,  the  marriage  of 
cognitive  technologies  and  IW  present  a  very  formidable  weapon. 

One  powerful  example  of  a  cognitive  technology  is  the  neural  network.  It  is  a 
computer  adaptation  modeled  after  the  human  brain.  Whereas  traditional  processing  connections 
on  networks  are  often  limited  to  10  or  20  nodes,  neural  networks  take  advantage  of  the  human 
brain  model  which  allows  for  connections  of  tens  of  thousands  of  nodes.  These  nodes  operate  in 
parallel  (recall  the  section  earlier  on  parallel  computers)  so  the  number  of  nodes  does  not 
impinge  on  processing  time  (but  a  large  amount  of  memory  is  needed).  The  power  behind  neural 
networks  is  that  their  massive  processing  power  enables  them  to  “learn”.  This  is  accomplished 
by  assignment  of  error  codes  which,  after  repeated  trials,  diminish  and  thus  “learning”  has 
occurred.  Neural  networks  can  be  used  for  signal  processing  (classic  EW),  pattern  and  image 
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recognition,  speech  and  language  processing,  decision  making  systems,  and  a  myriad  of  other 
tasks.  The  IW  application  for  neural  networks  is  enormous.  They  could  be  used  for  such  things 
as  automated  decision  making  and  massive  data  crunching.  They  can  also  present  an  OIW 
challenge  that  relies  more  on  an  imderstanding  of  biology  and  physiology  than  on  computers  (i.e., 
a  neural  network  can  be  attacked  as  if  it  were  a  human  brain).  [Ref.  40] 

C.  THE  POWER  OF  TECHNOLOGY 

In  summary,  there  are  a  wide  range  of  technologies  that  can  be  used  in  Information 
Warfare  in  any  number  of  ways.  Technology  is  a  dynamic  science  that  is  constantly  changing 
and  thus  new  potentials  are  developed  everyday.  Of  course,  no  single  discussion  of  IW  enabling 
technologies  can  ever  be  comprehensive  or  complete.  The  discussion  that  has  been  offered  here, 
and  is  summarized  in  Table  8,  is  but  the  tip  of  an  iceberg.  Yet,  this  tip  offers  insight  into  some 
ways  that  some  technologies  can  be  used  in  IW.  It  should  also  show  the  reader  that  Information 
Warfare,  in  its  most  powerful  form,  caimot  be  divorced  from  technology. 
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CATEGORY 

SUBCATEGORY 

EXAMPLES 

Computers  &  Networks 

Computer  Advances 

Parallel  computing,  Desktop  VTC 

Networks 

Lotus  Notes  Suite 

Internet 

Java 

Architectures 

GII,  Nil,  DII 

Telecommunications 

Traditional 

ISDN,  Microwave,  Fiber 

Satellite 

GBS,  VSAT,  INMARSAT 

Cellular 

PCS,  Iridium,  GSM 

Other  Pertinent  Technologies 

Sensors  and  Space 

Visual,  Near-Visual,  Optical 

Security 

Fortezza,  Black  Hole,  Firewalls 

Miscellaneous 

Miniaturization,  Energy  Tech. 

Emerging  Technologies 

Network  Functions 

Wireless,  FLAG,  SONET,  ATM 

Cognitive  Technologies 

Neural  Networks,  AI 

Table  8.  Enabling  Information  Warfare  Technologies. 
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V.  OFFENSIVE  INFORMATION  WARFARE 


The  first  four  chapters  of  this  thesis  have  focused  primarily  on  Information  Warfare  from 
a  broad  perspective.  The  tough  issue  of  definitions,  an  overview  of  the  organizations  involved, 
and  a  brief  look  at  some  of  the  enabling  technologies  have  all  been  examined.  To  gain  further 
insight  into  the  usefulness  of  Information  Warfare,  a  decision  must  be  made  for  further 
exploration. 

What  should  be  obvious  to  the  reader  by  now  is  that  IW  is  so  large  a  field  of  study  that  no 
single  document  could  fully  cover  all  of  its  facets.  As  a  result,  any  study  must  be  partitioned  into 
manageable  pieces.  This  remainder  of  this  thesis  will  examine  the  partition  of  Offensive 
Information  Warfare.  Two  caveats  should  be  noted,  however.  First,  OIW  and  DIW  are 
complementary;  one  cannot  be  divorced  from  the  other.  While  recognizing  this  fact,  OIW  will 
be  the  primary  focus  for  the  remainder  of  the  thesis.  Second,  an  understanding  of  the  concepts 
presented  in  Chapters  II  through  IV  are  critical  to  understanding  the  ensuing  discussion  of  OIW. 

A.  RATIONALE  FOR  OFFENSIVE  INFORMATION  WARFARE 

1.  Engaging  In  Offensive  Information  Warfare 

The  first  question  that  should  come  to  mind  is:  should  the  United  States  engage  in 
Offensive  Information  Warfare?  There  are  numerous  political,  economical,  social  and  legal 
issues  that  surroimd  OIW.  A  discussion  of  most  of  these  issues  is  reserved  for  Chapter  VII. 
However,  the  emergence  of  IW  as  a  definite  part  of  warfare  into  the  foreseeable  future  demands 
that  the  United  States  be  prepared  to  execute  an  effective  IW  plan,  both  offensive  and  defensive. 
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on  short  notice.  Therefore,  the  requirement  exists  to  make  those  preparations.  Of  course,  the 
time  to  make  such  plans  is  prior  to  the  commencement  of  hostilities. 

This  chapter  will  illustrate  some  of  the  ways  that  OIW  could  be  conducted. 
Unfortunately,  the  majority  of  OIW  efforts  and  endeavors  inside  the  U.S.  government  are  highly 
classified.  As  a  result,  this  chapter  will  not  contain  any  specific  programs  or  projects  that  may 
exist  in  the  OIW  realm.  However,  such  knowledge  is  not  critical  to  a  basic  understanding  of 
OIW  concepts  and  tools.  All  of  the  ideas  presented  here  are  drawn  from  open  source  material  or 
are  derivations  thereof  By  no  means  should  they  be  interpreted  as  components  of  a  U.S. 
government  OIW  plan.  They  merely  present  possibilities  that  could  be  applied  when  conducting 
an  OIW  campaign.  Of  course,  the  tools  and  concepts  presented  here  are  by  no  means 
comprehensive;  numerous  others  do  exist  and  should  be  examined.  This  chapter  is  meant  to 
paint  a  picture  of  OIW  in  general. 

2.  “Defining”  Offensive  Information  Warfare 

Chapter  II  focused  on  the  problem  of  trying  to  define  Information  Warfare.  Trying  to  pin 
a  tangible  definition  on  something  so  large  and  ubiquitous  as  Information  Warfare  is  futile.  The 
end  result  of  Chapter  II  was  the  settlement  on  Paradigm  F  as  a  working  definition  or  context  for 
this  thesis.  Inherent  to  that  “definition”  was  the  fact  that  IW  can  be  both  offensive  and  defensive 
in  nature;  several  uses  of  each  have  been  cited  in  all  of  the  chapters  so  far.  Still,  in  order  to 
discuss  OIW  effectively,  it  must  be  bounded.  For  the  purposes  of  this  thesis.  Offensive 
Information  Warfare  can  be  defined  as:  any  action  taken  to  degrade  or  destroy  an  enemy’s 
information  infrastructure  and  systems.  No  attempts  will  be  made  to  define  what  comprises  this 
“infrastructure”  until  the  following  chapter.  Instead,  this  chapter  will  focus  on  some  tools. 
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The  potential  for  OIW  as  a  decisive  battlespace  force  multiplier  is  enormous.  Any  or  all 
aspects  of  a  given  society,  from  military  to  commercial,  can  be  brought  to  its  knees  by  effective 
use  of  OIW.  A  caveat  to  that  argument  is  that  such  a  society  must  be  information-dependent 
(using  OIW  against  a  non-information-dependent  society  or  nation  is  explored  further  in  Chapter 
VII).  OIW  can  be  used  to  achieve  hard  or  soft  kills  that  are  subtle  or  blatant.  Technology  is  a 
major  driving  force  in  achieving  this  diversity.  OIW  can  force  an  enemy  to  capitulate  without  the 
loss  of  a  single  human  life.  [Ref  66] 

3.  Creating  An  Offensive  Information  Warfare  Strategy 
Of  course,  in  order  to  be  useful,  OIW  must  be  applied  in  a  structured  fashion.  In  keeping 
with  that  goal.  Figure  6  represents  a  flowchart  for  an  OIW  Strategy  that  has  been  devised  by  the 
Office  of  the  Secretary  of  Defense  (OSD).  [Ref.  13] 
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Figure  6.  OIW  Strategy  Flowchart. [From  Ref  13] 


83 


Since  this  figure  will  be  referred  to  periodically  throughout  the  rest  of  this  thesis,  a  brief 
explanation  is  necessary.  Starting  in  the  top  left  comer,  there  is  the  entry  entitled  “Critical 
Information”.  This  is  information  which  the  enemy  is  dependent  upon  for  a  given  system  or 
infrastructure.  This  information  feeds  into  the  “Essential  Networks  and  Systems”  step  which  is 
self-explanatory.  Friendly  forces  need  to  identify  weaknesses  in  those  systems,  which  is  the  next 
step,  “Vulnerability  Assessment”.  Concurrently,  along  the  right  side  of  the  figure  are  the  fi'iendly 
“Military  Strategies  &  Objectives”.  Recall  from  Chapters  II  and  III  that  such  guidance  is 
sporadic  at  best  today.  From  that  step  is  derived  the  “Desired  Effect”  (i.e.,  what  we  want  to  do  to 
the  enemy).  From  there,  the  appropriate  “Tools  &  Techniques  Selection”  must  be  made.  Notice 
that  these  tools  and  techniques  are  directly  tied  into  the  results  of  the  “Vulnerability  Assessment” 
step  (obviously).  From  there,  the  two  tracks  merge  into  a  “Gain/Risk  Assessment”  where  the 
merits  of  a  given  plan  are  analyzed  and  weighed  against  the  possible  drawbacks.  The  next  step  is 
the  formation  of  an  “Offensive  Program  Strategy”.  Finally,  the  required  “Processes”, 
“Procedures”,  and  “Systems”  are  promulgated.  [Ref  13] 

In  the  context  of  Figure  6,  this  chapter  is  concerned  primarily  with  the  “Tools  & 
Techniques”  portion.  Some  discussion  will  be  made  about  “Desired  Effects.”  The  first  three 
steps  on  the  left  side  of  the  drawing  will  be  discussed  in  more  detail  in  Chapters  VI  and  VII. 

Some  discussion  has  been  made  of  “Military  Strategies  &  Objectives”;  any  specifics  in  this 
regard  would  most  likely  be  highly  classified  and  thus  beyond  the  scope  of  this  thesis.  Some 
brief  discussions  on  the  other  steps  in  the  figure  will  be  touched  upon  in  subsequent  chapters. 
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4.  Revisiting  Centers  of  Gravity 

One  should  recall  from  Chapter  I  the  discussion  on  Centers  of  Gravity  (COGs).  They  are 
essentially  the  weak  links  which,  if  exploited  convincingly,  lead  to  the  desired  results  in  a  given 
campaign.  John  Warden  has  often  been  credited  with  the  “Five  Strategic  Rings  Theory”[Ref.  67] 
in  which  he  places  COGs  in  five  concentric  rings.  The  outermost  ring  contains  the  military 
forces  while  the  innermost  ring  is  the  leadership  element.  Traditionally,  these  rings  generally  had 
to  be  attacked  in  succession  from  outside  in.  OIW  changes  that  mentality  by  allowing  a  direct 
attack  on  the  innermost  ring  without  (possibly)  affecting  any  other  ring.  [Ref.  68]  The  paradigm 
shift  to  Third  Wave  mentality  is  the  reason.  Now,  Offensive  Information  Warfare  permits 
“global  disruption  of  critical  command  and  control  networks,  which  are  the  centers  of  gravity  of 
modem  militaries”[Ref.  66]  Thus,  identifying  COGs  is  critical  to  success,  and  they  play  directly 
into  several  aspects  of  the  OIW  Strategy  depicted  in  Figure  6  (“Military  Strategies  & 

Objectives”,  “Desired  Effects”,  and  “Vulnerability  Assessment,”  at  a  minimum). 

5.  Examining  Targets  Sets  For  Offensive  IW 

Offensive  Information  Warfare  demands  a  new  approach  towards  developing  target  sets. 
As  mentioned  in  the  discussion  of  COGs,  finding  the  “soft  imderbelly”  of  the  enemy  can  be 
accomplished  in  whole  new  ways.  OIW  targets  should  be  selected  for  their  epistemological 
value  in  undermining  enemy  COGs.  Epistemology  means  “everything  a  human  organism— an 
individual  or  a  group-holds  to  be  tme  or  real,  no  matter  whether  that  which  is  held  to  be  tme  or 
real  was  acquired  as  knowledge  or  as  a  belief ’.[Ref  69]  In  other  words,  target  sets  now  include 
COGs  that  are  focused  on  human  thought  processes  and  perceptions.  This  is  a  radical  change 
from  many  traditional  forms  of  warfare,  and  it  is  the  source  of  much  controversy.  The  reader 
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should  take  a  moment  to  dwell  on  the  epistemological  paradigm.  It  brings  with  it  a  startling  new 
approach  to  warfighting.  Friendly  forces  can  influence  the  enemy’s  thoughts  and  ideals,  down  to 
even  the  basic  core  of  their  existence  as  a  society  or  a  people,  without  them  even  being  aware  of 
what  is  happening!  These  are  very  profound  and  very  powerful  concepts!  Therefore,  target  sets 
for  OIW  extend  beyond  traditional  boundaries  to  include  such  things  as  political  and  economic 
systems.  [Ref.  68] 

B.  OFFENSIVE  INFORMATION  WARFARE  TOOLS  AND  TECHNIQUES 

Perhaps  the  best  way  to  demonstrate  Offensive  Information  Warfare  is  to  examine  some 
of  the  tools  and  techniques  that  could  be  used  to  execute  it.  For  the  purpose  of  this  discussion, 
these  tools  and  techniques  are  grouped  into  four  categories  based  on  the  form  involved  : 
Traditional  Forms,  Phreaking  Forms,  Computer  Enabled/Dependent  Forms,  and  Technology 
Enabled/  Dependent  Forms.  Each  of  these  categories  has  subcategories  with  some  specific 
examples  of  the  types  of  things  that  could  be  employed  in  waging  OIW.  Keep  in  mind  that  these 
tools  and  techniques  are  all  drawn  from  open  sources.  Some  work  effectively,  some  may  not 
work  at  all,  some  may  not  even  exist  yet,  and  some  other  tools  or  techniques  may  have  (almost 
definitely  have)  been  omitted.  By  no  means  does  the  mentioning  of  a  specific  tool  or  technique 
imply  that  the  U.S.  government  or  U.S.  military  could  or  would  use  such  weapons,  or  that  they 
even  possess  them;  the  items  mentioned  here  are  only  possibilities  for  using  OIW  in  a 
battlespace. 
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1. 


Traditional  Forms 


The  first  major  category  of  OIW  tools  and  techniques  are  Traditional  Forms.  Traditional 
Forms  are  those  that  have  been  used  in  previous  types  of  warfare.  The  major  difference  is  that 
the  targets  have  changed,  as  discussed  above.  Also,  new  technologies  or  tactics  may  enhance  old 
forms  of  warfare  to  give  them  more  of  an  edge  in  the  IW  domain. 

a.  Physical  Destruction 

Physical  destruction,  a  sub-component  of  Command  and  Control  Warfare  (C2W), 
is  fairly  self-explanatory.  It  involves  the  use  of  anything  from  iron  bombs  and  precision-guided 
munitions  (PGMs)  to  artillery  and  special  forces  units.  The  targets  are  Information  Warfare-type 
targets,  such  as  command  centers,  telephone  switches,  or  microwave  towers.  Many  would 
consider  physical  destruction  as  a  borderline  OIW  weapon,  at  best.  There  is  a  large  school  that 
believes  blowing  up  something  is  not  Information  Warfare.  On  the  contrary,  it  is  indeed  IW  if  it 
achieves  the  intended  epistemological  goal. 

b.  Electronic  Warfare 

Electronic  Warfare  (EW),  like  physical  destruction,  is  another  C2W  pillar  that  has 
been  aroimd  a  while.  It  involves  the  use  of  such  traditional  means  as  jamming,  again  focused  on 
a  different  (perhaps)  target  set.  EW  as  an  OIW  weapon  also  means  exploiting  technology  in  new 
fashions.  One  example  of  this  is  the  Van  Eck  detector,  which  is  essentially  an  electronic 
eavesdropper.  Computers  and  other  electronic  devices  emit  electromagnetic  radiation.  This 
radiation  can  be  picked  up  by  devices  called  Van  Eck  detectors. [Ref  70]  This  device  could 
potentially  be  used  for  such  things  as  capturing  keyboard  keystrokes  [Ref  71]  which  could,  in 
turn,  be  used  to  figure  out  passwords  for  future  attacks. 
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c.  Information/Intelligence  Collection 

Information  or  Intelligence  Collection  has  been  a  part  of  warfare  since  the  dawn  of 
time.  Timely  intelligence  and  accurate  information  have  always  been  critical  to  success  in 
conflict.  Thus,  warfare  in  the  Information  Age  is  no  different.  However,  new  technologies 
(many  discussed  in  the  previous  chapter)  and  tactics  mean  new  dimensions  for  this  technique. 

An  example  is  the  age-old  trick  of  “dumpster  diving”  or  “waste  archeology”.  This,  of  course, 
involves  poring  through  the  enemy’s  trash  in  the  hopes  of  gamering  needed  information  or 
intelligence.  In  the  Information  Age,  dumpster  divers  are  looking  for  such  things  as  carelessly 
tossed  passwords  on  yellow  stickies  or  printouts  of  network  activity.  [Ref.  72] 

d.  Psychological  Operations 

Psychological  operations  (PSYOPS)  are  yet  a  third  piece  of  the  C2W  stmcture,  yet 
an  important  one  for  gaining  the  epistemological  advantage.  PSYOPS  include  such  things  as 
propaganda  broadcasts  from  aircraft  (such  as  occurred  in  Haiti  and  Panama).  The  Information 
Age  also  means  using  new  dissemination  methods,  such  as  the  Internet  to  broadcast  PSYOP 
messages. [Ref  73]  Three  additional  PSYOP  tools  require  further  mentioning:  the  mass  media, 
video  morphing,  and  voice  synthesis. 

(1)  The  Media.  The  media  has  always  had  a  role  to  play  in  psychological 
operations,  be  it  a  radio  broadcast,  newspaper,  or  television  news  show.  However,  a  proliferation 
of  technology  coupled  with  a  world  that  is  increasingly  relying  on  television  for  information, 
presents  a  formidable  PSYOP  weapon.  Emerging  technologies,  such  as  the  Direct  Broadcast 
System  (DBS)  discussed  in  Chapter  IV,  allow  for  the  transmission  of  large  amounts  of  video  data 
in  a  very  short  time.  Such  broadcasts  could  be  tailored  to  paint  a  picture  that  fnendly  forces 
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want  to  project  to  the  enemy  (not  necessarily  a  true  picture)  to  gain  the  mental  advantage.  A 
prime  weapon  for  this  task  could  be  the  Cable  News  Network  (CNN).  This  almost  worldwide 
news  station  prides  itself  on  timely  communication  of  breaking  news.  By  using  misinformation, 
along  with  specially  prepared  audio  and  video  clips,  friendly  forces  could  make  enemy  forces  or 
even  the  enemy’s  homeffont  believe  something  is  happening  that  is,  in  reality,  not. [Ref  30] 

For  example,  a  special  news  segment  about  enemy  atrocities  (which  never 
actually  occurred),  complete  with  pictures  of  dead  children  (computer  generated,  of  course)  is 
aired  over  CNN  only  to  stations  in  the  enemy’s  homeland  (by  special  prior  arrangement  with 
CNN).  The  people  at  large  lose  faith  in  their  leaders,  and  the  enemy  is  forced  to  cease  hostilities. 
Of  course,  this  scenario  raises  more  than  one  moral  and  ethical  issue,  which  need  to  be 
considered  (such  issues  are  addressed  in  Chapter  VIII). 

(2)  Video  Morphing.  The  scenario  just  presented  calls  into  question  yet 
another  PSYOP  technique,  video  morphing.  Video  morphing  involves  transforming  one  or  more 
video  images,  such  a  news  clip,  in  order  to  distort  reality.  This  was  done  several  times  with  a 
high  degree  of  success  in  the  movie  Forrest  Gump.\Kef.  70]  By  taking  this  process  one  step 
further,  the  result  is  the  scenario  shown  above. 

(3)  Voice  Synthesis.  A  final  example  of  a  PSYOP  technique  is  voice 
synthesis.  This  procedure  involves  artificially  creating  a  voice  by  use  of  a  computer  in  order  to 
emulate  a  desired  voice,  an  enemy  leader  for  example.  This  synthesized  voice  could  then  be  used 
to  create  a  propaganda  message  for  example  (perhaps  it  could  be  the  accompanying  audio  clip  for 
the  video-morphed  news  clip  described  in  the  scenario  above).  Again,  this  weapon  involves 
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several  tough  issues  that  must  be  addressed  before  it  could  be  folly  employed  in  an  information 
battlespace.[Ref.  74] 

2.  Phreaking  Forms 

“Phreaking”  is  a  term  that  applies  to  the  manipulation  of  telephone  systems  for  other  than 
their  intended  purposes.  In  much  the  same  way  that  a  hacker  is  concerned  with  penetration  of 
computer  systems,  a  “phreaker”  works  with  telephone  systems.  Several  additional  terms,  such  as 
“phracking”  are  related  to  this  discipline.  For  the  purpose  of  this  thesis,  phreaking  will  be 
viewed  as  exploitation  of  telecommunications  systems.  There  are  two  basic  breakdowns  for  this 
category:  traditional  and  cellular,  each  of  which  is  briefly  explained  below.  The  main  problems 
with  implementing  phreaking  technologies  are  the  current  legal  constraints. 
a.  Traditional  Telecommunications 

Phreaking  in  the  traditional  telecommunications  arena  has  been  ongoing  since  the 
advent  of  telephone  systems.  This  area  includes  such  things  as  phone  taps  and  redialers,  items 
that  law  enforcement  officials  have  used  almost  exclusively  in  the  past.  Phreaking  also  includes 
(and  is  perhaps  best  well-known  for)  penetration  of  telephone  computer  systems  for  such  things 
as  getting  free  phone  calls  or  altering  billing  records.  Although  this  latter  form  of  phreaking  has 
historically  been  performed  by  amateurs  acting  imder  their  own  motives,  the  revolution  in 
Information  Warfare  brings  new  potential.  Now,  an  organized  group  could  perform  the  same 
types  of  activities  imder  the  auspices  of  an  OIW  plan.  Phone  systems  could  be  penetrated  in 
order  to  monitor  network  traffic  or  plant  computer  viruses  or  any  number  of  things.  A  world  that 
relies  on  telephony  to  survive  is  also  vulnerable  to  its  weaknesses. 
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b.  Cellular  Communications 

A  newer  field  of  study  that  is  emerging  is  phreaking  of  cellular  systems.  Cellular 
systems  have  always  been  vulnerable.  Some  of  those  vulnerabilities  were  explored  in  the 
previous  chapter.  Electronic  Serial  Numbers  (ESNs)  can  be  captured.  Not  only  could  this 
trapping  lead  to  fraudulent  charges,  it  could  also  be  exploited  for  transmission  of,  for  example, 
voice  synthesis  attacks  as  discussed  above.  The  evolution  of  networked  computer  systems 
operated  by  cellular  technology  (recall  the  discussion  on  wireless  networks  and  PCS  in  Chapter 
IV)  will  require  an  increasing  emphasis  on  OIW  techniques  for  cellular  systems. 

3.  Computer  Enabled/Dependent  Forms 

The  Third  Wave  revolution  has  brought  with  it  a  heightened  reliance  on  technology.  In 
fact,  this  technology  explosion  has  been  a  major  enabler  for  the  birth  of  modem  Information 
Warfare.  Perhaps  the  greatest  such  explosions  have  occurred  in  the  area  of  computer  advances. 
In  fact,  perhaps  the  most  powerful  weapon  for  those  who  would  wage  Information  Warfare  is  the 
computer.  This  category  is  essentially  broken  into  two  groupings:  Malicious  Software  [Ref.  70] 
(concerned  with  attacks  on  software)  and  Hacking  (concerned  with  attacks  on  systems). 
a.  Malicious  Software 

The  first  subcategory  is  Malicious  Software.  This  form  of  IW  is  perhaps  the  most 
visible  and  prolific  to  the  individual  user.  In  fact,  one  would  be  hard-pressed  to  find  a  veteran 
computer  user  that  has  not  dealt  with  at  least  one  of  the  software  components  discussed  below. 
While  such  tools  have  customarily  been  used  by  individuals  for  accomplishing  self-centered 
goals,  the  OIW  potential  for  an  organized,  yet  essentially  hands-off,  campaign  is  enormous. 
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(1)  Virases.  Perhaps  the  best  known  software  weapon  is  the  virus.  A 
computer  virus  can  perhaps  best  be  described  as  “a  code  fragment  that  copies  itself  into  a  larger 
program,  modifying  that  program.  A  virus  executes  only  when  its  host  program  begins  to  run. 
The  virus  then  replicates  itself,  infecting  other  programs  as  it  reproduces.”[Refs.  25  and  75] 
These  executed  code  fragments  then  modify  or  destroy  other  data  in  the  computer.  Maybe  the 
virus  even  drains  the  computer’s  resources  to  the  extent  that  routine  tasks  are  almost  impossible 
to  perform.  [Ref.  76]  There  are  innumerable  viruses  in  existence.  They  proliferate  over  such 
media  as  the  Internet  (i.e.,  someone  downloads  an  infected  program,  sends  it  a  friend,  etc.). 

An  example  of  a  coordinated  OIW  virus  attack  might  be  posting  an 
infected  story  on  the  CNN  home  page  on  the  Internet.  Intelligence  assets  report  that  the  staff  of 
the  enemy  dictator  routinely  downloads  stories  from  the  CNN  page  to  prepare  daily  briefings. 
The  infected  story  is  incorporated  into  the  briefing,  which  is  on  a  floppy  disk  that  is  then  passed 
among  several  staff  members  for  editing.  Along  the  way,  the  virus  infects  each  computer  it 
passes  through.  Finally,  it  reaches  the  dictator’s  computer  where  the  brief  is  reviewed  by  the 
dictator’s  aide;  that  computer,  too,  becomes  infected.  Shortly  thereafter,  the  dictator’s  command 
post  is  scrambling;  for  some  inexplicable  reason,  all  of  the  staffs  hard  drives  erased  themselves. 
Another  successful  OIW  attack  is  complete...  As  a  side  note,  there  are  various  legal  problems 
that  preclude  this  scenario  from  being  implemented  today  (some  of  which  vvdll  be  discussed  in 
Chapter  VIII). 

(2)  Trojan  Horses.  A  Trojan  Horse  is  very  similar  to  a  computer  virus. 
The  major  difference  is  that  a  Trojan  Horse  is  non-replicating.[Ref.  77]  The  end  result  with  both 
viruses  and  Trojan  Horses  is  the  same:  data  on  a  computer  is  altered,  degraded,  or  destroyed. 
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However,  the  utility  of  a  Trojan  Horse  is  limited  in  that  it  cannot  replicate  itself.  Therefore,  each 
computer  would  have  to  be  infected  individually.  Of  course,  that  could  be  accomplished  in  a 
software  upgrade.  For  example,  Country  X  arranges  for  a  neutral  third  party  (which  is  under 
contract  from  Country  Y  to  produce  a  software  upgrade  to  their  military  operating  systems)  to 
interject  a  Trojan  Horse  into  the  software.  Country  Y  installs  the  software,  and  the  Trojan 
Horses  executes,  deleting  the  computers’  hard  drives.  Again,  there  are  more  legal  problems,  but 
otherwise,  the  capabilities  exist. 

(3)  Logic  Bombs.  Yet  another  related  tool  is  the  logic  bomb.  A  logic 
bomb  is  similar  to  a  Trojan  Horse,  except  that  it  is  conditionally  executed.  [Ref.  76]  For 
example,  a  logic  bomb  could  be  used  to  coordinate  an  01 W  strike.  Taking  the  Trojan  Horse 
scenario  one  step  further,  logic  bombs  could  be  inserted  into  a  software  upgrade  to  an  early 
warning  system.  They  would  be  scheduled  to  execute  at  a  pre-determined  time  in  conjimction 
with  an  airstrike.  When  the  airstrike  occurs,  the  computers  controlling  the  enemy’s  search  radars 
inexplicably  shut  down... 

(4)  Worms.  A  final  type  of  malicious  software  tool  is  the  worm.  Worms 
are  programs  that  “reproduce”  by  copying  themselves  over  and  over.  They  spread  from  computer 
to  computer  via  networks.  [Ref  76]  Their  mission  is  primarily  to  drain  computer  system 
resources.  Historically,  worms  have  not  been  used  to  modify  or  destroy  data,  although  they 
technicdly  could  be  used  for  that  purpose.  [Ref.  25] 

b.  Hacking 

The  second  major  subcategory  of  the  Computer  Enabled/Dependent  Forms 
category  is  Hacking.  As  mentioned  before,  this  definition  of  “hacking”  is  meant  to  convey  a 
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systemic  attack  vice  a  software  one.  There  are  any  number  of  tools  and  techniques  that  fall  into 
this  subcategory.  Eight  of  them  are  discussed  here;  Data  Manipulation,  Sniffers, 
Probes/Mapping,  Crackers,  Spoofing,  Hijacks,  Back  Doors,  and  Denial  of  Service  (DOS)  attacks. 

(1)  Data  Manipulation.  When  one  thinks  of  the  stereotypical  hacker  at 
work,  one  thinks  of  the  data  manipulation  technique.  Someone  sits  down  in  fi'ont  of  a  computer 
and  gains  access  to  a  target  system  (by  any  number  of  means,  some  of  which  are  discussed 
herein).  Once  “inside”  the  system,  that  person  then  modifies,  creates,  or  destroys  data  to  achieve 
a  goal.  In  the  past,  these  goals  have  generally  been  limited  to  that  individual.  However,  the 
advent  of  IW  as  a  warfare  discipline  advances  the  theory  for  an  organization  to  perform 
coordinated  data  manipulation  attacks  on  adversary  systems. 

(2)  Sniffers.  A  sniffer  is  a  “network  monitoring  tool  that  enters  a  system 
and  detects  up  to  the  first  120  keystrokes  of  a  newly  opened  Internet  session,  capturing  a  user’s 
host,  account  and  password  information.” [Ref  78]  A  sniffer  is  a  powerfiil  tool,  in  that  it  can  be 
the  “foot  in  the  door”  for  a  series  of  OIW  attacks.  Sniffers  are  easily  available  (they  are  prolific 
on  the  Internet,  for  example).  They  are  also  automated,  so  they  can  monitor  large  amounts  of 
network  traffic.  These  sniffers  are  disguised  as  legitimate  network  tools.  As  more  and  more 
passwords,  etc.,  are  trapped,  more  holes  are  opened  up  on  that  network  (and  perhaps  other 
connected  networks  as  well).[Ref.  79]  The  end  result  could  be  almost  total  control  of  an 
adversary’s  networks.  If  concealed  properly,  sniffers  could  form  the  “reconnaissance”  phase  of 
an  OIW  campaign.  From  there,  a  striking  force  could  gain  valuable  insight  into  the  enemy’s 
routine,  organization,  etc. 
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(3)  Probes/Mapping.  A  third  type  of  Hacking  tools  is  probes.  Probes  are 

tools  that  are  used  to  map  out  a  network.  One  of  the  best  all-encompassing  definitions  on  probes 

comes  from  an  pseudo-anonymous  posting  to  an  Internet  mailing  list  which  says  that  a  probe  is 

[A]n  artificial  life  form  that  exists  only  electronically  and  on  storage  media  and 
uses  artificial  intelligence  to  accomplish  its  mission.  Its  mission  is  to  map 
networked  systems,  steal  and  internally  store  copies  of  sensitive  files  and  at  some 
point  to  return  to  its  point  of  origin.  As  it  traverses  the  network,  it  stores  a  map  of 
the  network  in  a  heap  [a  form  of  bintiry  tree  which  can  be  quickly  and  logically 
searched]  structure.  If  network  links  dropped  or  were  taken  down  on  the  path  the 
probe  would  follow  back,  it  can  search  the  heap  to  find  another  way  home.  [Ref. 

80] 

This  somewhat  lengthy  definition  is  very  good.  It  explains  the  purpose  of  a  probe  as  well  as  its 
technology  basis  (recall  the  discussion  of  artificial  intelligence  in  the  previous  chapter).  As  one 
can  see  from  the  definition,  probes  are  highly  sophisticated  and  very  powerful  tools.  Once  access 
is  gained  to  an  enemy’s  network,  a  probe  could  be  inserted  to  either  perform  reconnaissance  or 
attacks  or  both.  The  main  problem  for  the  probe  would  appear  to  be  remaining  hidden. 

(4)  Crackers.  Cracking  is  the  process  by  which  a  software  tool  attempts  to 
gain  access  to  a  system  by  “guessing”  passwords.  The  variables  in  this  process  are  the  length  of 
the  passwords,  the  types  of  passwords  (alphanumeric,  case  sensitive,  special  characters,  etc.),  and 
time.  Given  enough  time  and  a  powerful  enough  computer  and  software,  almost  any  password 
can  be  guessed.  In  fact,  25%  of  all  passwords  are  easily  cracked.  The  time  required  to  crack  any 
password  is  a  linear  function  based  on  the  total  number  of  password  combinations  and  the  length 
of  the  password  and  assuming  that  each  “guess”  requires  the  same  amoimt  of  processing  time 
(approximately  one  millisecond). [Ref.  81] 
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(5)  Spoofing.  Spoofing  is  the  ability  of  one  computer  system  user  to 
impersonate  another  user.  This  is  accomplished  by  impersonating  that  person’s  computer’s 
Internet  Protocol  (IP)  address.  The  system  that  is  being  attacked  believes  that  the  spoofer  is  a 
trusted  user.  [Ref.  82]  This  process  is  often  simplified  by  the  fact  that  IP  addresses  for  many 
machines  are  arranged  in  a  logical  sequence.  [Ref  81]  Once  trusted  access  is  obtained,  any  of  a 
number  of  01 W  attack  tools  and  techniques  can  be  utilized  (e.g.,  data  manipulation,  insertion  of 
viruses,  Trojan  Horses,  or  worms,  etc.).  Spoofing  attacks  are  difficult  to  detect  because  most 
network  monitoring  programs  do  not  check  the  incoming  routers  for  source  IP  addresses,  only 
destination  ones.  [Ref  82] 

(6)  Hijacks.  Another  OIW  technique  is  the  hijacked  session  (or  hijack  for 
short).  In  this  method,  a  perpetrator  gains  “root”  (most  privileged)  access  (perhaps  through 
something  such  as  cracking  or  sniffing)  of  a  machine  or  system.  He  or  she  then  uses  that  root 
access  to  take  control  of  another  existing  user  session.  The  hijacker  then  has  control  of  that 
user’s  account  (the  victim  may  or  may  not  be  aware).  If  the  victim  has  remotely  accessed  another 
computer,  the  hijacker  may  have  access  to  that  remote  system  as  well,  without  any  kind  of 
authentication  procedure.  [Ref  82] 

(7)  Back  Doors.  Another  Hacking  tool  is  the  back  door  or  the  trap  door. 

A  back  door  is  a  security  “loophole”  in  a  piece  of  software  that  is  put  in  place  by  the  designing 
programmer.  This  loophole  provides  a  means  of  entry  back  into  that  program  at  a  later  date.  [Ref. 
25]  Recalling  the  scenario  depicted  under  the  Trojan  Horse  section  earlier,  the  software  upgrades 
sold  by  the  intermediary  country  could  be  designed  with  trap  doors.  In  fact,  perhaps  the 
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designers  could  be  bribed  (not  an  unheard-of  concept)  by  Country  X  into  revealing  the  access 
technique.  Now  Country  X  has  a  means  to  penetrate  Country  Y’s  systems. 

(8)  Denial  of  Service.  A  final  Hacking  technique  is  Denial  of  Service 
(DOS).  The  purpose  of  a  DOS  attack  is  to  overwhelm  the  defenses  of  a  victim’s  computer 
network  system.  This  is  accomplished  by,  for  example,  sending  a  continuous  stream  of  large 
electronic  mail  messages  to  the  victim’s  address.  Such  a  loading  soon  inundates  the  victim’s 
system.  The  victim  would  then  be  forced  to  make  a  decision  to  cease  receipt  of  all  message 
traffic  (including  possibly  critical  information  from  another  valid  user)  or  not.  [Ref.  83]  While 
the  system  is  trying  to  handle  the  volume  of  traffic,  perhaps  the  perpetrator  tries  to  gain  access  to 
other  parts  of  the  victim’s  system  while  using  the  DOS  attack  to  mask  the  intrusion.  One 
drawback  to  the  DOS  technique  is  that  cannot  be  hidden  (although  the  origin  of  the  attack  can  be 
hidden,  perhaps  through  something  such  as  an  anonymous  remailer  [Ref.  84]). 

4.  Technology  Enabled/Dependent  Forms 

The  final  category  of  OIW  attack  tools  and  techniques  is  Technology  Enabled/Dependent 
Forms.  While  may  of  the  items  discussed  so  far  rely  heavily  on  technology,  this  category  is 
reserved  for  those  weapons  that  depend  almost  exclusively  upon  technological  developments.  In 
fact,  in  almost  every  case  listed  below,  the  methods  for  these  attacks  have  not  been  perfected  or 
proven.  They  represent  the  “cutting  edge”  of  Offensive  Information  Warfare  weaponry.  Many  of 
these  items  may  appear  to  be  extracted  from  a  science  fiction  novel.  While  the  details  may  not 
have  been  perfected,  the  ideas  are  at  least  feasible,  given  today’s  technology. 
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a.  Chipping 

The  first  tactic  to  be  discussed  is  chipping.  Chipping  is  “the  practice  of  making 
electronic  chips  vulnerable  to  destruction  by  designing  in  weaknesses”.  [Ref.  70]  This  weakness 
then  comes  to  light  at  a  pre-determined  time  or  when  a  pre-determined  condition  is  met.  [Ref.  26] 
For  example.  Country  X  knows  that  its  potential  adversary,  Country  Y,  buys  the  computer 
hardware  for  its  shipboard  air  defense  systems  from  Country  Z.  As  luck  would  have  it.  Country 
Z  buys  its  computer  raw  materials  (such  as  semiconductors)  from  Cotmtry  X.  Therefore,  Country 
X  specially  designs  the  computer  chips  (Le.  it  “chips”  them)  in  view  of  a  potential  crisis 
(unbeknownst  to  both  Countries  Y  and  Z).  The  resulting  computers  that  Country  Z  sells  to 
Country  Y  have  been  “chipped”.  In  fact,  they  have  been  designed  to  activate  upon  receipt  of  a 
signal  transmitted  by  Country  X.  Several  years  later.  Country  X  launches  a  pre-emptive  air  strike 
at  a  naval  task  force  belonging  to  Country  Y.  The  inbound  air  raid  transmits  the  trigger  signal. 
Suddenly,  all  of  the  task  force’s  air  defense  computers  shut  down  on  an  unexplained  hardware 
failure...  This  scenario  is,  of  course  a  very  elaborate  one,  but  it  is  only  one  of  countless  chipping 
possibilities. 

b.  Energy  Weapons 

Energy  weapons  are  the  second  subcategory  of  Technology  Enabled/Dependent 
Forms.  Three  examples  of  these  science  fiction-type  weapons  are:  High  Energy  Radio  Frequency 
(HERF)  guns.  Electromagnetic  Pulse  (EMP)  bombs,  eind  High  Power  Microwave  (HPM) 
weapons.  A  brief  description  of  the  function  of  each  is  included  below.  The  target  for  each 
weapon  is  electronic  equipment,  such  as  computers.  Energy  weapons  could  be  very 
controversial,  in  that  they  could  harm  humans  as  well  as  electronics. 
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(1)  HERF  Guns.  A  HERE  gun  is  essentially  a  powerful  radio  transmitter. 
When  activated,  it  transmits  a  radio  signal  at  the  target.  This  signal  interrupts  the  normal 
electron  flow  pattern.  Depending  on  the  power  of  the  transmitted  signal  and  a  variety  of  other 
factors,  the  intended  targets  are  either  destroyed  (components  bum  up)  or  degraded  (equipment 
shuts  down).  HERF  guns  can  penetrate  buildings  or  other  structures  (unless  the  buildings  are 
specially  designed  to  Avithstand  the  beams). [Refs.  25  and  26] 

(2)  EMP  Bombs.  EMP  (or  EMP/T  where  the  T  stands  for  Transformer) 
bombs  operate  on  a  concept  very  similar  to  HERF  guns.  However,  EMP  bombs  are  generally 
area  weapons  (whereas  HERF  guns  are  directional  weapons).  Also,  EMP  bombs  tend  to  be  more 
powerful  (on  the  order  of  a  thousand  times  or  so).  The  theory  behind  the  EMP  bomb  is  exactly 
that  of  the  EMP  wave  released  by  a  nuclear  explosion.  [Refs.  25  and  26] 

(3)  HPM  Weapons.  The  final  example  of  an  energy  weapon  is  the  HPM. 
HPM’s  are  similar  to  HERF  guns.  They  transmit  an  intense  radio  frequency  beam  in  almost 
every  frequency  range  (so  as  to  affect  almost  any  type  of  electronic  device).  The  power  of  this 
weapon  is  on  the  order  of  10  Gigawatts  (GW)!  In  an  upcoming  book  on  “Information 
Terrorism”,  Paul  Strassman  outlines  the  details  of  such  a  weapon,  include  schematics  and  peak 
power  diagrams.  HPMs  can  also  kill  or  injure  people  (by  literally  cooking  that  person,  similar  to 
the  way  a  microwave  oven  cooks).[Refs.  49,  85,  and  86]  Naturally,  there  might  be  strong 
objections  in  some  quarters  to  the  use  of  such  a  weapon. 

c.  Microbes 

Another  type  of  Technology  Enabled/Dependent  Forms  is  the  microbe.  This  is 
essentially  where  information  warfare  meets  chemistry  and  biology.  Today,  various  microbes 
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have  been  designed  that  “eat”  oil  and  are  used  for  oil  spill  clean-ups.  Microbes  in  an  OIW  role 
perform  similarly.  Specially  designed  microbes  feast  on  silicon.  When  introduced  into  an 
adversary’s  electronics  systems  (the  real  trick),  the  microbes  devour  (and  thus  destroy)  the 
systems.  [Refs.  25  and  70]  Naturally,  there  are  ethical  and  moral  issues  to  contend  with,  as  well  as 
legal  ones. 

d.  Nano  Machines 

A  final  example  of  OIW  weapon  are  nano  machines.  These  devices  can  probably 
best  be  described  as 

[Tjiny  robots  (smaller  than  ants)  that  could  be  spread  at  an  information  center  of 
the  enemy.  They  crawl  through  the  halls  and  offices  until  they  find  a  computer. 

They  are  so  small  that  they  enter  the  computer  through  slots  and  shut  dovm 
electronic  circuits.  [Ref.  25] 

Of  course,  these  tiny  robots  would  be  networked  with  one  another,  communicating  their  position 
back  to  the  attacking  forces  (recall  the  discussion  of  the  networked  battlespace  from  Chapter  I). 
These  robots  are  also  dependent  on  such  technological  developments  as  miniaturization  (as 
mentioned  in  Chapter  IV).  That  concludes  the  discussion  of  specific  Offensive  Information 
Warfare  tools  and  techniques.  Table  9  summarizes  these  weapons. 
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CATEGORY 

SUBCATEGORY 

EXAMPLES 

Traditional  Forms 

Physical  Destruction 

Precision  Guided  Munitions 

Electronic  Warfare 

Jamming,  Van  Eck  Detection 

Info/Intel  Gathering 

Dumpster  Diving 

Psychological  Operations 

Media,  Video  Morphing, 

Voice  Synthesis 

Phreaking  Forms 

Traditional  Telecomms 

Bugs,  Wiretaps 

Cellular  Communications 

ESN  Grabbers 

Computer 

Malicious  Software 

Logic  Bombs,  Trojan  Horses, 

Enabled/Dependent  Forms 

Viruses,  Worms 

Hacking 

Data  Manip.,  DOS,  Sniffers, 

Probes/Mapping,  Crackers, 

Spoofs,  Hijacks,  Back  Doors 

Technology 

Chipping 

N/A 

Enabled/Dependent  Forms 

Energy  Weapons 

HERF  Guns,  EMP  Bombs, 

HPM  Weapons 

Microbes 

N/A 

Nano  Machines 

N/A 

Table  9.  Offensive  IW  Tools  and  Techniques. 


C.  CONSIDERATIONS  FOR  OFFENSIVE  INFORMATION  WARFARE 

As  one  can  see,  there  is  a  plethora  of  OIW  weapons.  In  OIW,  as  with  any  warfare 
strategy,  selecting  the  right  balance  of  weapons  to  achieve  the  desired  goal  is  critical  to  success. 
The  United  States  is  grappling  with  how  to  effectively  employ  Offensive  Information  Warfare,  or 
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even  if  it  should.  As  alluded  to  previously,  there  are  any  number  of  issues  that  surround  the  use 
of  OIW  weapons  and  tactics.  Chapter  VIII  is  the  focus  of  the  majority  of  these  discussions.  This 
part  of  the  chapter  will  address  a  possible  partitioning  scheme  for  OIW  weaponry  as  well  as  some 
ideas  about  employment  of  OIW. 

1.  Partitioning  The  Attack  Domain 

One  difficulty  in  developing  a  coherent  OIW  strategy  (recall  the  need  for  such  from 
Figure  6)  is  that  there  are  a  large  number  of  different  types  of  weapons  that  could  be  used.  How 
to  use  each  weapon  and  in  what  circumstances  would  be  the  object  of  much  discussion.  The 
United  States  knows  how  to  employ  sea,  land,  and  air  power  because  it  has  been  doing  so  quite 
convincingly  for  many  years.  But  what  about  “info  power”?  This  is  a  whole  new  warfighting 
discipline,  which  makes  the  problem  that  much  more  difficult. 

One  possible  way  to  approach  the  problem  is  to  look  at  the  goals  of  the  attacking  force. 

A  different  mix  of  tools  and  techniques  would  be  employed  for  a  “show  of  force”-type  strategy 
than  would  be  used  in  an  “all-out  info  war”-type  strategy.  One  method  for  facilitating  the 
selection  process  is  by  partitioning  the  attack  domain  by  goal  and  placing  different  weapons  into 
that  matrix.  Then,  based  on  the  goals,  the  right  combinations  of  weapons  could  be  selected. 

An  example  of  one  possible  partitioning  scheme  is  shown  in  Table  10.  Here  the  major 
divisions  are  Covert  and  Overt,  depending  on  the  degree  of  stealth  desired  by  the  attacking  force. 
Under  each  category  are  subcategories  based  on  lethality.  “Lethality”  in  the  context  of  this  table 
means  lethality  to  the  information  systems,  not  necessarily  loss  of  human  life  (although  that  is  a 
very  real  possibility  in  some  instances).  The  final  column  of  the  table  shows  the  various  tools 
and  techniques  that  could  be  used  for  that  mission.  One  should  keep  in  mind  that  the  entries  in 
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this  matrix  are  not  absolute;  in  fact,  some  weapons,  employed  differently,  could  easily  transition 
to  another  category.  This  table  is  only  meant  to  serve  as  a  means  to  partion  the  problem  into 
manageable  chunks. 


CATEGORY 

SUBCATEGORY 

EXAMPLES 

Covert 

Lethal 

Malicious  Software 

Chipping 

Microbes 

Nano  Machines 

Non-Lethal 

EW  (V  an  Eck  Monitoring) 

Info/Intel  Collection 

Phreaking  (both  forms) 

Hacking 

Nano  Machines 

Overt 

Lethal 

Physical  Destruction 

EW  (Jamming) 

Energy  Weapons 

Non-Lethal 

Psychological  Ops.,  DOS 

Table  1C 

).  Possible  Partioning  Scheme  For  01 W. 

2.  Using  Offensive  Information  Warfare 

Offensive  Information  Warfare  should  be  considered  as  a  viable  weapon  in  future 
conflict.  The  tools  exist  to  perform  powerful  attacks.  In  fact,  many  of  those  tools  are  easily 
available  on  the  Internet.  Although  the  easy  access  to  such  tools  spurns  systems  adminstrators  to 
tighten  control  on  their  systems,  it  also  spurns  creation  of  more  spohisticated  weapons.  Any 
number  of  issues  surround  the  use  of  01 W:  goals  of  the  attacking  force,  intelligence  support, 
legal/political/  economical/moral  ramifications,  etc.  (all  of  which  are  addressed  in  Chapter  VIII). 
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The  bottom  line  is  that  IW  is  here  to  stay  (at  least  into  the  forseeable  future)  and  the  United 
States  should  be  prepared  to  use  it. 

In  fact,  IW  in  an  offensive  role  should  be  employed  by  military  commanders.  A  1994 
report  by  the  Defense  Science  Board  states  that,  from  an  IW  standpoint,  military  commanders 
should  be  able  to: 

•  Manage  perceptions  of  events  or  circumstances 

•  Deceive  potential  adversaries 

•  Influence  information  in  content  or  delivery 

•  Debilitate  or  destroy  information  of  others 

•  Protect  its  interests  through  INFOSEC  [Information  Security]  or  Communications 
Security  (COMSEC)  [Ref  87] 

With  the  exception  of  the  last  one,  all  of  these  bullets  fall  directly  into  the  OIW  realm.  This 
chapter  has  examined  some  of  the  ways  that  those  tasks  might  be  accomplished,  albeit  in  general 
terms. 

With  the  need  for  Offensive  Information  Warfare  recognized,  one  must  now  turn  to  how 
an  adversary  could  be  attacked  using  some  of  the  tools  and  techniques  described  in  this  chapter. 
This  is  the  focus  of  Chapter  VII.  First,  however,  some  kind  of  insight  is  necessary  into  the  kinds 
of  OIW  targets  that  a  given  country  might  have.  Developing  this  insight  into  a  somewhat 
rigorous  model  is  the  focus  of  Chapter  VI. 
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VI.  THE  INFRASTRUCTURE  AND  INFORMATION  WARFARE 


A.  THE  ROLE  OF  THE  INFRASTRUCTURE 

The  previous  chapter  addressed  the  need  for  Offensive  Information  Warfare  as  well  as 
some  of  the  tools  and  techniques  that  could  be  used  to  perform  that  mission.  One  point  that 
should  be  evident  from  that  chapter  is  the  need  for  a  specialized  target  set,  one  that  is 
epistemologically  directed.  This  chapter  will  provide  one  possibility  for  structuring  those  target 
sets.  The  approach  for  that  structure  will  be  a  template  focused  on  the  concept  of  an 
“infrastructure”.  Brief  descriptions  of  each  component  in  that  template  will  be  accompanied  by 
possible  ways  that  OIW  might  be  used  in  that  context.  After  the  template  is  explained,  the 
discussion  will  turn  in  the  following  chapter  to  some  considerations  and  issues  that  must  be 
addressed  when  contemplating  OIW  attacks.  First,  however,  an  in-depth  look  at  Centers  of 
Gravity  and  the  need  for  an  infrastructure  template  are  necessary. 

1.  Centers  of  Gravity  Again 

The  role  of  and  the  need  for  Centers  of  Gravity  (COGs)  in  an  Information  Warfare 
campaign  has  been  touched  upon  in  Chapters  I  and  V.  This  chapter  will  address  some  of  the 
specifics  in  determining  such  COGs.  First,  however,  a  somewhat  more  detailed  examination  at 
Centers  of  Gravity  is  required. 

Centers  of  Gravity  have  played  an  important  role  in  military  conflict  for  almost  two 
centuries.  They  have  become  an  integral  part  of  U.S.  military  planning  today.  The  original  use 
of  the  term  is  often  credited  to  the  great  strategist,  Carl  Von  Clausewitz.  He  stated  that  COGs  are 
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“the  hub  of  all  power  and  movement,  upon  which  everything  depends.  That  is  the  point  against 
which  all  [of]  our  energies  should  be  directed. ’’[Refs.  9  and  88] 

The  increasing  emphasis  on  joint  operations  has  also  prompted  statements  on  COGs  in 
joint  doctrine  publications.  For  example,  Joint  Publication  3-0  states  that  ”[i]dentification  of 
enemy  centers  of  gravity  requires  detailed  knowledge  and  understanding  of  how  opponents 
organize,  fight,  make  decisions,  and  their  physical  and  psychological  strengths  and 
weaknesses. ’’[Refs.  88  and  89]  Defining  and  exploiting  some  of  those  strengths  and  w'eaknesses 
are  central  concepts  in  this  chapter. 

The  determination  of  COGs  as  defined  in  Joint  Publication  3-0  requires  the  use  of  a 
convenient,  yet  powerful  model.  An  example  of  such  a  model  is  the  Warden  Five  Rings  Model 
(which  was  introduced  in  the  previous  chapter).  With  this  model,  the  enem>'  is  seen  as  a  system 
that  can  be  broken  down  into  five  components,  orgamzed  as  concentric  rings.  Figure  7  is  a  visual 
representation  of  this  model.  The  innermost  ring  is  considered  the  most  vital  to  the  enemy. 


LEADERSHIP 

'organic  essentials 
'infrastructure 
'population 
'fielded  forces 


Figure  7.  W’arden’s  Five  Rings  Theory'  [From  Ref  90]. 
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The  rings  then  decrease  in  relative  importance  moving  from  the  center  outward.  Historically, 
these  rings  have  generally  been  attacked  from  the  outermost  ring  (Fielded  Forces).  Starting  with 
the  Gulf  War,  the  outermost  ring  was  mostly  bypassed  and  other  rings  (most  notably  the 
Leadership  ring)  were  attacked.  Information  Warfare  allows  for  simultaneous  attack  of  some  or 
all  of  these  rings  (with  possibly  more  effectiveness  than  a  conventional  attack). 

These  last  few  paragraphs  have  shown  that  COGs  are  essential  in  warfare  and  they  should 
target  specific  items  (i.e.,  leadership,  infrastructure,  physical  and  psychological  strengths  and 
weaknesses,  etc.).  These  needs  tie  directly  into  the  Offensive  Information  Warfare  Strategy 
developed  in  the  last  chapter.  For  ease  of  review,  that  diagram  is  reprinted  below  as  Figure  8. 


Critical  Information 

Military 

Strategies  & 

Objectives 

Essential  Networks 

and  Systems 

Desired  Effects 

Vulnerability 

Assessment 

1 

Tools  &  Techniques 

Selection 

of  Essential  Systems 

Gain  /  Risk  Assessment 

Program  Strategy 

Processes  Procedures  Systems 

Figure  8.  OIW  Strategy  Flowchart. [From  Ref.  13] 

COGs  have  a  role  in  at  least  the  top  half  of  the  diagram.  Identifying  critical  information  as  well 
as  the  vulnerabilities  of  networks  and  systems  is  essentially  the  determination  of  Centers  of 
Gravity. 


2.  The  Need  For  A  Template 

If  Centers  of  Gravity  are  to  be  developed  and  exploited  in  an  Information  Warfare 
domain,  some  kind  of  utility  must  be  developed  to  facilitate  this  process.  Perhaps  one  approach 
is  to  first  consider  the  IW  environment.  Figure  9  is  one  possible  depiction  of  the  Information 
Warfare  Battlespace.  Several  key  elements  of  Paradigm  F  (the  context  of  IW  for  the  purpose  of 
this  thesis,  developed  in  Chapter  II)  can  be  seen  here:  C2W  is  a  sub-set  of  IW,  IW  occurs  at  all 
levels  of  war,  from  strategic  to  tactical,  etc.  One  interesting  additional  feature  is  the  series  of 
vertical  bars  denoting  various  infrastructures:  political,  economic,  physical,  and  military'. 
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Figure  9.  Information  Warfare  Battlespace. [From  Ref  32] 
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Using  the  Warden  model  and  the  Joint  Publication  3-0  philosophy  on  COG’s,  along  with 
the  IW  Battlespace  diagram,  a  synthesized  target  domain  begins  to  emerge.  Effective  Offensive 
Information  Warfare  is  directed  against  the  enemy’s  Centers  of  Gravity.  From  these  COGs, 
epistemological  target  sets  (as  discussed  in  the  previous  chapter)  are  derived.  Naturally, 
choosing  those  target  sets  must  be  done  in  a  structured  and  useful  fashion.  This  chapter  is 
focused  mainly  on  creating  just  such  a  structure. 

B.  ATTACKING  THE  INFRASTRUCTURE 

Developing  a  useful  template  for  OIW  target  sets  is  not  an  easy  task.  As  seen  in  previous 
discussions.  Information  Warfare  is  a  large  and  complex  process.  It  spans  all  levels  of  war  as 
well  as  the  whole  time  line  of  conflict.  OIW  target  sets  require  large  amounts  of  detail  and 
precision.  Still,  any  tool  that  is  developed  for  creating  target  sets  must  have  some  utility.  It  must 
be  consistent  and  flexible.  It  must  be  generic  enough  to  be  employed  in  a  wide  range  of 
situations,  yet  detailed  enough  to  provide  some  degree  of  usefulness  to  a  commander. 

With  all  of  these  obstacles  and  challenges,  trying  to  develop  such  a  template  is  a 
formidable  task.  This  section  presents  one  possible  template.  By  no  means  is  this  template 
meant  to  be  the  best  possible  such  tool;  rather,  the  hope  is  to  provoke  some  thought  about  ways 
the  template  might  be  improved.  Only  by  realizing  the  need  for  such  a  tool  will  constructive 
thoughts  be  put  into  action.  The  arguments  presented  here  are  not  all-inclusive;  as  mentioned 
previously,  no  single  discussion  of  IW  could  ever  be.  Thus,  not  all  possibilities  are  considered. 
Again,  the  goal  is  to  stimulate  discussion  on  the  subject.  The  ideas  for  the  template  are  based 
largely  on  the  author’s  own  views,  supported  by  a  number  of  sources.  [Refs.  32,  68,  88-90,  etc.] 
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As  a  prelude  to  the  ensuing  discussion,  an  initial  view  of  the  template  is  provided  in 
Table  1 1 .  Each  entry  will  be  discussed  in  at  least  some  detail  during  the  course  of  this  section. 


CATEGORY 

SUBCATEGORY 

COMPONENTS 

Tangible 

Politics 

Domestic 

Foreign 

Economics 

Commerce 

Finance 

Industry 

Natural  Resources 

Agriculture 

Manufactured  Goods 

Essential  Systems 

T  elecommunications 

Power  Generation/Distribution 

Water  Supplies  and  Sewage 

Heating/Cooling 

Transportation 

Space 

Geography 

Physical 

Environment 

Military  Forces 

Personnel 

Doctrine 

Systems 

Intangible 

Culture 

N/A 

Interests  and  Goals 

N/A 

History 

N/A 

Table  11.  Offensive  Information  Warfare  Infrastructure  Template. 

This  template  is  in  the  form  of  an  “infrastructure”.  In  this  context,  “infrastructure”  is  defined  as 


no 


the  collection  of  those  items  that  can  be  used  in  constracting  OIW  target  sets.  The  discussion  of 
the  template  includes  some  of  the  things  that  comprise  the  particular  subcategory  or  component, 
as  well  as  some  of  the  OIW  tools  and  techniques  that  can  be  used  for  imdermining  that  portion  of 
the  infrastructure.  Some  areas  of  this  infrastructure  template  obviously  lend  themselves  better  to 
OIW  than  do  others.  As  a  result,  some  parts  of  the  template  will  receive  only  the  briefest  of 
attention  while  others  will  be  addressed  at  some  length.  One  should  also  keep  in  mind  that  this 
template  could  also  be  used  to  some  . extent  for  waging  more  conventional  forms  of  war.  Finally, 
again,  the  discussion  of  this  template  is  not  meant  to  be  all-inclusive,  but,  rather,  to  provoke 
further  thought  on  the  subject. 

1.  Tangible 

The  two  major  categories  in  the  infrastructure  template  are  Tangible  and  Intangible. 
Tangible  is  meant  to  be  those  things  that  can  be  easily  seen  or  touched  by  OIW  tools  and 
techniques,  either  physically  or  pseudo-physically.  Intangible  is  meant  to  be  those  things  are  that 
are  not  easily  definable  or  touchable,  yet  can  still  be  influenced  by  OIW  (and  often  should  be  the 
primary  focus).  The  Tangible  category  includes  subcategories  for:  Politics,  Economics,  Industry, 
Essential  Systems,  Geography,  and  Military  Forces. 
a.  Politics 

The  first  subcategory  is  Politics.  It  consists  of  two  main  components:  Domestic 
and  Foreign.  This  subcategory  is  a  logical  starting  point  for  a  discussion  of  a  country’s 
infrastructure.  This  is  the  leadership  of  a  country.  It  is  perhaps  the  most  critical  node  in  the 
whole  infrastructure.  In  the  Warden  model,  leadership  is  in  the  center,  and  thus  most  important, 
ring.  Great  military  thinkers  throughout  history  {e.g. ,  Sun  Tzu,  Clausewitz,  etc.)  have 
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continuously  addressed  the  importance  of  leadership,  both  political  and  military.  A  nation 
ultimately  receives  its  orders  to  fight  from  its  political  leadership,  not  its  military  leadership 
(although  they  may  be  one  and  the  same  in  some  cases).  Offensive  Information  Warfare  can  be 
used  not  only  against  a  nation’s  foreign  policy,  but  also  against  its  domestic  one. 

Attacks  against  the  political  components  are  often  the  ultimate  goal  of  an 
attacking  force.  Although  direct  attacks  on  the  political  arm  are  rare,  almost  every  other 
subcategory  of  attacks  discussed  herein  will  influence  politics  in  some  way  or  another.  These 
types  of  attacks,  where  the  political  branch  is  a  primary  strategic  target  from  a  tactical  or 
operational  attack  on  another  subcategory,  will  not  be  addressed  until  the  following  section. 
There,  the  synergistic  nature  of  the  entire  template  will  be  considered  in  more  detail.  This 
subcategory  is  concerned  mostly  with  ways  to  directly  influence  or  target  the  politics  of  a  nation. 

(1)  Foreign.  The  most  obvious  use  of  01 W  in  a  political  arena  would  be 
against  an  enemy’s  foreign  policy.  The  intuitive  goal  is  to  influence  that  policy  in  favor  of  the 
friendly  {i.e.,  attacking)  nation.  For  example,  attacks  against  the  foreign  policy  of  an  enemy 
could  have  the  goal  of  swaying  international  opinion.  A  series  of  video-morphed  and  voice- 
synthesized  newsclips,  similar  to  those  discussed  in  the  previous  chapter,  could  be  used  to  moimt 
a  “smear”  campaign  to  discredit  the  enemy  in  the  international  community.  Other  attacks  could 
target  critical  supporting  systems  for  that  government.  For  example,  a  Denial  of  Service  (DOS) 
attack  could  flood  an  enemy  leader’s  computer  networks  at  a  time  when  such  networks  are 
critical.  Other  hacking  or  virus  attacks  could  disable  or  degrade  those  same  systems.  These  are 
but  a  few  examples  of  the  many  possibilities. 
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(2)  Domestic.  Another  way  to  influence  the  political  sphere  of  an  enemy 
is  by  targeting  its  domestic  politics.  The  goal  could  be  anything  from  destroying  the  “will  of  the 
people”  (although  this  more  aptly  falls  into  the  “Intangible”  category  discussed  later  in  this 
chapter)  to  influencing  local  elections.  In  the  first  case,  the  same  newsclips  of  atrocities 
mentioned  could  influence  public  domestic  opinion  against  the  de  facto  regime.  If  internal 
elections  are  largely  automated  in  the  second  case,  hacking  attacks  could  be  used  to  modify  the 
results  of  an  election  to  the  point  where  candidates  who  are  more  amenable  to  the  attacking  force 
are  elected.  Again,  the  possibilities  are  endless.  The  ultimate  goal  in  these  types  of  attacks  is  to 
produce  internal  unrest.  This  unrest  could  range  from  annoying  (such  that  the  government  is 
distracted  from  the  international  scene)  to  revolutionary  (the  people  become  so  dissuaded  that 
they  want  a  radical  change).  Perhaps  this  latter  scenario  is  a  bit  farfetched,  but  it  is  still  definitely 
feasible. 

b.  Economics 

The  next  subcategory  is  Economics,  which  has  components  of  Business  and 
Finance.  Business  is  meant  to  include  those  organizations  that  deal  in  the  buying  and  selling  of 
goods.  Finance  in  this  context  includes  the  monetary  systems  of  a  coimtry  (eg.,  banks,  stock 
markets,  etc.).  The  economics  category  is  absolutely  critical  to  any  OIW  campaign.  The  world 
in  increasingly  reliant  on  economic  well-being  in  the  international  community.  This,  in  turn, 
affects  the  domestic  economic  domain  (and  vice  versa).  Weak  links  in  economic  systems  present 
definite  COGs  that  could  be  exploited.  As  a  result  of  the  importance  and  complexity  of  the 
Economic  subcategory  in  the  world  today,  a  somewhat  detailed  discussion  of  the  process  and 
possibilities  is  essential. 
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An  outstanding  publication  from  the  Air  University  Press,  entitled  Beyond  The 
Industrial  Web:  Economic  Synergies  and  Targeting  Methodologies,  provides  some  insight  into 
the  diversity  and  eomplexity  of  modem  economies,  as  well  as  a  discussion  of  their  importance. 
Although  this  work  was  written  with  the  idea  of  exploiting  conventional  air  power,  many  of  the 
same  ideas  can  be  directly  or  indirectly  tied  to  Information  Warfare.  The  following  discussion  on 
some  of  these  ideas  presents  many  common  themes  and  problems  with  any  IW  attack  {e.g, 
complexity  of  the  systems  involved,  amount  of  knowledge  required  by  the  attacking  force,  etc.). 
Most  of  these  ideas  vdll  be  revisited  either  later  in  this  chapter  or  in  the  following  chapter. 

A  modem  economic  system  is  a  complex  one,  and  it  is  subject  to  Complexity 
Theory.  Thus,  all  modem  economic  systems  display  several  common  characteristics  derived  from 
Complexity  Theory.  First,  the  various  components  of  the  system  tend  to  interact  with  each  other 
which  causes  the  formation  of  a  global  behavior  of  the  system  {i.e.,  the  whole  is  greater  than  the 
sum  of  the  parts).  This  global  behavior  is  not  totally  predictable,  regardless  of  the  amount  of 
detailed  information  that  is  available  about  the  system.  When  looking  at  a  complex  economic 
system,  one  needs  to  look  at  the  highest  level  {i.e.,  the  system  as  a  whole  rather  than  the 
individual  parts).  Second,  complex  systems  tend  to  adapt  to  their  environment,  forming 
instinctive  (but  still  complex)  groupings.  Third,  complex  systems  become  more  complex  over 
time,  evolving  “toward  the  edge  of  chaos”[Ref.  92]  Finally,  complex  systems  can  process 
information.  They  can  react  to  changes  to  their  environment.  The  bottom  line  is  that  complex 
systems  appear  to  be  a  living  entity  rather  than  a  series  of  inert  components.  [Ref.  92] 

From  this  explanation  of  modem  economies  as  complex  systems,  one  can  see  that 
targeting  them  is  not  trivial.  Traditional  analysis  methodologies  will  not  work  against  complex 
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systems.  Indeed,  a  paradigm  shift  is  needed.  Only  when  such  a  shift  takes  place  can  effective 
targeting  occur.  [Ref.  98]  Information  Warfare  is  no  different;  a  change  in  basic  beliefs  and 
thought  processes  is  necessary  before  it  can  be  fully  exploited.  Based  on  the  fundamental  change 
required  in  each  case,  Information  Warfare  appears  to  be  the  perfect  weapon  for  targeting 
complex  economic  systems. 

To  reiterate  a  key  point,  economics  is  perhaps  the  most  critical  component  in  the 
world’s  structure  today  .  Perhaps  the  best  way  to  succinctly  explain  the  rapid  changes  in  the 
world  economic  community  over  the  last  twenty  years  is  to  present  a  quotation  from  an  essay 
entitled  “Economic  Warfare:  Targeting  Financial  Systems  As  Centers  of  Gravity”  in  which  the 
author  states: 


The  late  1970s  produced  rapidly  expanding  and  generally 
nondiscriminatory  trade  large-scale  and  rapid  movement  of  funds  from  one 
financial  center  to  another,  and  the  rapid  grovrth  of  multinational  enterprises. 

Advances  in  transportation  and  communications  technology  have  accelerated  the 
interdependence.  This  economic  interdependence  has  made  national  and 
international  financial  institutions  critical  to  the  smooth  operations  of  nation-state 
economies.  [Ref.  93] 

This  quotation  not  only  shows  the  growth  in  importance  of  economics  in  the  world  order,  it  also 
shows  its  relationship  to  other  critical  systems,  such  as  telecommimications  and  transportation. 
One  should  note  also  that  those  other  systems  are  discussed  as  separate  entries  of  this 
infrastructure  template.  Towards  the  end  of  the  chapter,  the  discussion  will  focus  on 
considerations  for  this  template,  including  the  relationship  between  template  elements. 

One  widely-accepted  measure  of  the  economic  power  of  any  given  country  is  its 
gross  domestic  product  (GDP).  GDP  includes  a  conglomeration  of  five  elements:  banks,  stock 
markets,  foreign  debt,  value  of  exports,  and  value  of  imports.  These  five  items  are  not  directly 


115 


additive;  rather,  they  have  a  linear  regression  relationship  (i.e.,  the  interaction  between  elements 
must  also  be  considered).  [Ref.  93] 

The  goal  of  an  OIW  attack  against  an  economic  system  should  be  to  affect  the 
GDP  of  the  target  country.  Target  sets  would  be  drawn  from  the  five  GDP  elements.  However, 
one  must  also  keep  in  mind  the  characteristics  of  complex  economies.  Only  by  maintaining  a 
“system-high”  perspective  will  effective  attacks  be  possible.  The  five  GDP  elements  could  be 
also  be  further  partitioned  for  easier  understanding  into  a  Commerce  component  and  a  Finance 
component. 

(1)  Commerce.  Commerce  is  the  practice  of  exchanging  goods. 

Therefore,  the  exports  and  imports  elements  of  GDP  can  be  easily  grouped  together  as  a 
convenient  target  set.  OIW  attacks  here  could  take  the  form  of  intrusive  computer  attacks 
(hacking)  that  result  in  changes  to  bills  of  lading,  price  fluctuations,  changes  in  destination  or 
quantity,  or  any  number  of  other  items. 

For  example.  Country  X  routinely  trades  with  Country  Y.  After  covertly 
penetrating  Country  X’s  networked  commerce  system,  Country  Z  manipulates  it  using  OIW. 

This  results  in  some  of  Coimtry  X’s  shipments  to  Country  Y  to  be  sent  somewhere  else.  Of  those 
goods  that  do  arrive,  they  are  of  the  wrong  type  or  wrong  quantity.  After  a  period  of  time. 
Country  Y  gets  tired  of  not  getting  what  it  paid  for  and  finds  another  trading  partner.  Country  X 
eventually  traces  the  problem  to  “unexplained  computer  glitehes”.  Of  course,  it  is  too  late  to 
convince  Country  Y  of  this  fact.  As  a  result.  Country  X  loses  a  trading  partner,  their  GDP 
suffers,  and  they  lose  status  in  the  international  community.  Country  Z  has  succeeded  in 
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weakening  Country  X  without  firing  a  single  shot  and  without  Country  X  knowing  about  the 
attack. 

(2)  Finance.  The  other  three  elements  of  the  GDP  (banks,  stock  markets, 
and  foreign  debt)  can  be  placed  together  to  form  a  Finance  component.  Since  most  monetary 
transactions  these  days  are  performed  electronically,  the  OIW  potential  in  this  area  is  great. 
Databases  of  transactions  could  be  corrupted  with  a  virus.  Hacking  attacks  could  change  the 
prices  of  goods  for  unexplainable  reasons,  resulting  in  massive  market  fluctuations.  Debt 
payments  could  be  rerouted  to  a  numbered  Swiss  bank  account.  DOS  attacks  could  shut  down 
entire  portions  of  a  stock  market,  resulting  in  large  monetary  losses.  The  end  result  is  a 
decreased  GDP  in  the  target  country. 

Economic  IW  attacks  are  very  powerful  options  in  time  of  conflict.  The  results 
can  be  quickly  devastating  and  far-reaching.  Of  course,  these  types  of  attacks  could  also  trigger 
events  in  the  world  markets.  Great  care  must  be  exercised  to  ensure  an  OIW  attack  does  not 
inadvertently  lavmch  the  world  into  an  economic  tailspin.  Although  these  types  of  attacks  are 
formidable,  they  are  extremely  difficult  to  accomplish,  mainly  due  to  the  complexity  of  systems 
involved. 

c.  Industry 

Another  piece  of  the  infrastructure  template  is  Industry.  This  subcategory  consists 
of  three  major  components:  Natural  Resources,  Agriculture,  and  Manufactured  Goods.  Attacks 
here  can  often  be  coupled  with  economic  attacks  to  achieve  the  same  common  results  (a  decrease 
in  GDP).  Again,  extreme  caution  must  be  exercised  to  avoid  any  unintended  damage. 
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(1)  Natural  Resources.  Natural  Resources  are  vital  to  any  country’s 
survival.  They  form  the  starting  point  for  manufactured  goods  that  are  either  exported  or  used 
internally.  If  a  country  does  not  possess  certain  natural  resources,  then  they  are  at  the  mercy  of 
the  international  community  to  provide  those  resources.  In  an  01 W  campaign,  propaganda 
attacks  (in  the  form  of  specially  prepared  newspaper  and  magazine  articles  along  with  voice- 
synthesized  radio  broadcasts  and  video-morphed  newsclips)  could  isolate  a  country  from  the  rest 
of  the  world,  thus  denying  them  their  required  resources.  Internal  resources  could  also  be 
affected.  For  example,  oil  pipelines  that  are  computer-controlled  could  be  shut  down  with  a 
simple  virus.  One  can  easily  see  that  something  as  unlikely  as  natural  resources  can  also  be  an 
OIW  target. 

(2)  Agriculture.  Agriculture  also  presents  potentials  for  OIW.  Specific 
targets  could  be  any  number  of  specialized  industries,  from  farmed  goods  to  livestock.  Perhaps 
the  best  example  can  be  dravm  from  the  recent  “Mad  Cow”  disease  scare  in  Great  Britain.  That 
country  is  taking  steps,  after  almost  being  forced  to  by  the  European  Union  and  world  opinion,  to 
slaughter  over  eleven  million  cattle.  This  will  be  a  crippling  blow  to  that  livelihood.  What  if  the 
whole  thing  were  a  farce,  a  deliberate  attack  launched  by  another  country?  Scientific  studies 
could  be  forged.  Samples  are  possibly  tested  by  computers.  That  data  can  be  changed  to  meet  a 
given  set  of  criteria.  Coupling  this  whole  process  is  a  massive  media  campaign  (the  roots  are 
planted  and  the  “real”  media  takes  over,  accomplishing  the  attacking  country’s  goals  quite 
nicely).  Again,  the  results  could  be  devastating,  and  the  victim  country  is  never  even  aware  that 
the  whole  thing  has  been  fabricated. 
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(3)  Manufactured  Goods.  Manufactured  goods  can  also  be  influenced  by 
OIW.  Some  of  that  was  seen  in  the  discussion  of  commerce  above  (goods  could  be  rerouted). 
Other  potentials  also  exist  in  this  area.  Studies  for  the  demand  of  various  products  could  be 
tampered  with,  resulting  in  either  a  glut  or  a  shortage  of  certain  products.  Automated  assembly 
lines  could  be  shut  down.  For  example,  if  the  assembly  line  in  a  Chrysler  assembly  plant  is  shut 
down  for  more  than  twenty  minutes,  that  entire  shift  of  workers  is  sent  home.  [Ref.  94]  This 
results  not  only  in  lost  revenue  for  the  plant  and  possibly  a  shortage  of  vehicles  (which  in  turn 
could  lead  to  higher  prices  of  vehicles,  etc.)  but  also  in  lost  wages  to  the  employees  (who  become 
disgruntled  and  go  on  strike,  etc.).  Imagine  if  all  of  that  were  to  be  accomplished  by  a  carefully 
inserted  Trojan  Horse? 

Industry  presents  a  very  lucrative  target  for  OIW.  Not  many  people  think  to 
protect  these  kinds  of  systems.  Even  if  they  do,  probably  not  a  lot  of  time  and  effort  are  spent  on 
them.  After  all,  the  goal  is  to  make  money,  and  if  there  is  no  real  threat  (adopting  the  possible 
industry  mentality  for  a  moment),  why  spend  the  money  on  expensive  protections?  Besides,  do 
not  banks  and  stock  markets  make  much  better  targets,  with  lots  of  money  so  easily  available? 

d.  Essential  Services  Systems 

Another  very  important  subcategory  in  the  template  is  Essential  Systems.  This 
subcategory  is  comprised  of  at  least  six  major  components:  Telecommunications,  Power 
Generation  and  Distribution,  Water  Supplies  and  Sewage,  Heating  and  Cooling,  Transportation, 
and  Space.  These  Essential  Services  Systems  are  the  things  that  most  people  think  of  when  they 
think  of  a  country’s  infrastructure  (of  course,  this  thesis  has  broadened  that  definition  to  include 
many  more  things).  Since  the  first  two  components  (Telecommunications  and  Power 
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Generation  and  Distribution)  can  possibly  have  a  large  impact  on  many  of  the  other  components 
in  this  template,  each  will  be  discussed  in  some  detail  in  this  chapter. 

(1)  Telecommimications.  Telecommunications  are  an  essential  part  of 
today’s  world.  As  one  of  the  key  aspects  of  the  Third  Wave  revolution,  telecommunications 
have  become  almost  indispensable  in  almost  facet  of  world  society,  to  some  degree  or  another. 

As  a  result,  telecommimications  systems  should  be  considered  as  prime  targets  for  employing 
Offensive  Information  Warfare. 

Another  outstanding  treatise  from  the  Air  University  Press,  entitled  Taking 
Down  Telecommunications,  provides  great  insight  into  the  structure,  vulnerabilities,  and 
targeting  methods  for  telecommunications  systems.  Although  the  work  predates  the  most  recent 
discussions  of  OIW  (1994),  it  still  stands  as  a  masterpiece  of  Third  Wave  thinking  (without  the 
author  even  realizing  that  fact).  This  document  serves  as  the  inspiration  for  the  somewhat 
lengthy  (in  comparison  to  other  parts  of  this  chapter)  discussion  of  telecommunications  that 
follows. 

The  importance  of  telecommunications,  along  with  a  brief  discussion  of 

some  of  the  enabling  technologies,  was  addressed  in  Chapter  IV.  To  reiterate  this  importance, 

one  can  turn  to  the  first  page  of  Taking  Down  Telecommunications: 

It  [telecommunications]  permeates  every  face  of  society,  thus  allowing 
exploitation  of  information  throughout  the  conflict  spectrum  at  the  tactical, 
operational,  and  strategic  levels.  Because  of  its  data  transfer  capability  and  its 
mobility,  telecommunications  continues  to  increase  in  importance  as  a  medium  to 
direct  our  national  instruments  of  power.  Conversely,  we  must  strive  to  deny  the 
enemy  the  use  of  their  telecommunications.  [Ref  95] 
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A  structured  methodology  for  “taking  down  telecommunications”  is  the  goal  in  this  portion  of 
the  chapter.  Along  the  way,  critical  factors  (e.g.,  structure  of  systems,  vulnerability  analysis,  etc.) 
will  all  be  examined. 

Prior  to  targeting  any  telecommunications  system,  a  detailed  working 
knowledge  of  that  system,  as  well  as  its  interaction  with  other  systems  and  itself,  is  absolutely 
necessary.  Like  modem  economic  systems,  modem  telecommunications  systems  are  extremely 
complex.  As  a  result,  the  same  ideas  that  were  elaborated  upon  in  the  discussion  of  economic 
systems  also  apply  here  (i.e.,  adaptiveness  to  environment,  evolution  toward  chaos,  etc.).  Some 
of  the  workings  of  telecommunications  systems  were  introduced  in  Chapter  IV. 

To  further  explore  the  intimacies  of  targeting  telecommimications  systems. 
Figure  10  (on  the  following  page)  presents  a  methodology  for  conducting  vulnerability  analysis. 
Although  this  diagreim  is  almost  a  direct  reprint  from  Taking  Down  Telecommunications  (which 
really  does  not  address  Information  Warfare  per  se),  it  is  still  an  outstanding  tool  for  preparing 
OIW  target  sets  against  telecommunications.  By  the  end  of  the  deliberation  about  this  diagram, 
the  reader  should  be  familiar  with  the  multitude  of  factors  involved  in  targeting 
telecommunications  systems. 

The  Telecommunications  Vulnerability  Assessment  Methodology  shown 
in  Figure  10  can  be  broken  down  into  basically  three  parts:  systems  analysis  (shown  on  the  y-axis 
by  the  entries  imder  the  boldfaced  and  underlined  “Physical  Categories”  and  “OSI  Layers”), 
“Perspectives”  (shown  by  the  entries  on  the  x-axis  at  the  top  of  the  diagram),  and  “Vulnerability 
Questions”  (shown  by  the  entries  along  the  z-axis  of  the  diagram).  Each  part  is  discussed  in 
further  detail  below. 
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PERSPECTIVES 


Figure  10.  Telecommunications  Vulnerability  Assessment  Model. [From  Ref.  95] 

The  systems  analysis  portion  consists  of  two  parts:  Physical  Categories 
and  OSI  Layers.  The  Open  Systems  Interconnection  (OSI)  Model  is  a  set  of  seven  layers,  each  of 
which  performs  separate  functions.  Together,  they  form  the  total  system.  The  OSI  Model  is  an 
increasingly  popular  way  to  analyze  and  construct  computer  systems.  Since  the  majority  of 
modem  telecommunications  systems  are  now  computerized,  this  model  is  very  appropriate  to 
their  study. 


The  seven  layers  are  shown  below  [Ref  95],  along  with  a  brief  description 


of  each  : 


Physical  Layer  —  This  is  the  most  basic  level.  It  is  essentially  the  hardware 
requirements  (i.e.,  voltages,  pin  numbers,  etc.)  for  information  transfer. [Ref  95] 
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•  Data  Link  Laver  —  “This  layer  regulates  the  flow  of  information  bits.”[Ref.  95] 

•  Network  Laver  —  The  algorithms  that  control  the  transportation  of  packets  of  data 
reside  in  this  layer.  This  layer  also  knows  the  layout  of  the  network.  [Ref.  95] 

•  Transport  Layer  —  This  layer  is  responsible  for  establishing  and  maintaining 
connections  between  users  of  a  network,  even  those  using  dissimilar  systems.  [Ref. 
95] 

•  Session  Layer  ~  Synchronization  of  users  is  the  purpose  of  this  layer.  Here  is 
where  the  controlling  algorithms  for  user  connections  are  held.  [Ref.  95] 

•  Presentation  Layer  --  This  is  the  syntax  layer.  This  is  where  different  types  of 
computer  languages  can  interface.  Encryption  can  also  occur  in  this  layer.  [Ref 
95] 

•  Application  Layer  —  This  is  the  layer  where  the  user  interfaces  with  the  computer. 
Algorithms  are  system-specific  here,  providing  information  to  the  user  in  a 
recognizable  form.  [Ref.  95] 

A  distinction  between  the  first  six  layers  and  the  final  layer  can  be  made.  The  first  six  layers 
contain  the  protocols  for  the  system;  exploitation  of  those  layers  can  affect  other  systems.  The 
Application  Layer  is  user-specific;  it  can  be  used  for  directed  attacks  (against  a  particular  user  or 
a  particular  terminal).  On  the  other  hand,  a  virus  that  is  introduced  at  the  Network  Layer  could 
possibly  affect  any  other  system  on  the  network.  This  may  or  may  not  be  the  purpose  of  a  given 
attack.  Thus,  one  can  easily  see  that  an  in-depth  knowledge  of  an  enemy’s  networks  is  necessary, 
as  well  as  a  plan  that  covers  all  possible  contingencies,  prior  to  commencing  OIW 
hostilities.  [Ref.  95] 

The  other  half  of  the  systems  analysis  group,  shown  under  the  heading 
“Physical  Categories”,  are  the  three  actual  physical  characteristics  of  the  system  in  question. 

First,  Topology  denotes  the  actual  physical  layout  of  the  telecommuncations  network.  Next, 
Siting  is  the  physical  location  of  all  components  and  supporting  facilities  of  the  network.  Finally, 


123 


Equipment  deals  with  the  physical  properties  of  the  equipment  used  by  the  network  components 
(i.e,  transmission  media,  modulation  scheme,  etc.).  An  examination  of  the  physical  categories  of 
a  telecommunications  system  is  necessary  to  determine  common  threads  and  vulnerabilities  as 
well  as  matching  of  OIW  tools  and  techniques. [Ref.  95]  For  example,  an  EMP  bomb  might  be 
more  effective  against  a  telecommuncations  system  that  relies  heavily  on  microwave  towers  than 
against  one  that  is  almost  exclusively  connected  by  underground  fiber-optics  cables.  In  another 
case,  if  the  enemy  has  the  majority  of  the  primary  and  backup  system  components  in  plain  view, 
physical  destruction  might  be  the  preferred  attack  method  {i.e.,  area  bombing). [Ref.  95] 

The  next  major  part  of  the  Telecommuncations  Vulnerability  Assessment 
Model  is  “Perspectives”  (again  shown  along  the  x-axis  at  the  top  of  Figure  10).  This  portion 
consists  of  five  factors.  They  are  listed  below,  along  with  almost  a  verbatim  description  from 
Taking  Down  Telecommunications: 

•  Configuration  --  This  perspective  concerns  itself  with  the  “physical  properties  of 
'  the  network”.  [Ref  95] 

•  Access  —  Here  one  is  looking  at  “susceptibility  to  enemy  access  into  the 
system”.  [Ref.  95] 

•  Protocols  —  The  question  of  interest  here  is  “once  access  is  gained,  how 
susceptible  are  the  system’s  data  transfer  service,  routing,  flow  control,  etc.”?[Ref. 
95] 

•  Management  &  Control  —  This  perspective  deals  with  “information  concerning 
network  ability  to  adapt  to  congestion,  adaptive  routing,  etc.”.  [Ref.  95] 

•  Information  -  Here  the  focus  is  “mission-related  information  actually  reviewed  by 
a  user/decision  maker”.  [Ref.  95] 

Appendix  A  of  Taking  Down  Telecommunications  contains  lists  of  over  140  specific  questions 
that  address  these  perspectives.  This  is  an  excellent  source  of  information,  and  the  reader  is 
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referred  to  it  for  an  in-depth  look  at  the  kind  and  detail  of  knowledge  that  is  required  to  target  a 

telecommunications  network.  These  kinds  of  attacks  are  far  from  trivial. 

Now  one  can  combine  the  x  and  y  axes  of  Figure  10  to  see  where  each 

affects  the  other.  For  example,  the  Presentation  Layer  and  the  Application  Layer  are  concerned 

with  all  five  of  the  Perspectives  discussed  above.  On  the  other  hand,  the  entire  “Physical 

Categories”  portion  of  the  systems  analysis  axis  is  only  affected  by  the  Configuration  Perspective 

(which  fits  what  one  would  expect).  One  will  also  notice  that  six  of  the  seven  OSI  Model  Layers 

are  influenced  by  at  least  four  of  the  five  perspectives.  The  relationships  between  these  two  axes 

are  extremely  complex  and  detailed.  The  reader  is  again  referred  to  Appendix  A  of  Taking  Down 

Telecommunications  for  some  of  the  specific  information  items  required. 

The  final  piece  of  this  methodology  is  the  z-axis,  which  contains  four 

“Vulnerability  Questions”.  These  questions  can  be  most  easily  explained  by  a  direct  quotation; 

First,  how  susceptible  is  a  system  architecture  to  interference.  Second,  to  what 
extent  can  one  intercept  network  information  flow  describing  how  the  system 
works  thereby  gain[ing]  the  knowledge  necessary  to  disrupt  the  network.  Third,  is 
it  possible  to  gain  access  to  the  network  to  interfere  with  its  fimctions.  Fourth,  is 
it  feasible  to  attack  the  system  {e.g. ,  do  the  objectives  of  attacking  or  penetrating 
the  system,  or  parts  of  it,  justify  dedicating  the  resources  required  to  obtain  those 
objectives). [Ref.  95] 

One  must  answer  all  four  of  these  questions  for  every  entry  in  the  x  and  y  matrix.  Only  if 
satisfactory  answers  for  all  four  questions  can  be  obtained  can  the  telecommunications  network 
be  assumed  to  be  vulnerable  to  an  OIW  attack.  If  satisfactory  answers  cannot  be  obtained  in  each 
case,  the  chances  of  success  are  probably  not  very  high.  [Ref.  95] 

The  discussion  presented  here  for  using  OIW  attacks  against  modem 
telecommxmications  systems  has  centered  around  a  stmctured  methodology.  This  detailed 
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methodology  focused  on  a  vulnerability  assessment  of  a  telecommunications  system.  Once  this 
highly  complex  assessment  is  complete,  only  then  can  the  right  kind  of  attack  be  planned  and 
executed.  Once  the  scope  is  set,  the  right  mix  of  OIW  tools  and  techniques  can  be  applied  to 
obtain  the  desired  goals. 

(2)  Power  Generation  and  Distribution.  Another  extremely  critical 
component  of  the  infrastructure  template  is  electric  Power  Generation  and  Distribution. 
Electricity  is  indispensable  in  the  modem  world.  Almost  every  system  discussed  in  this  chapter, 
especially  computer  systems,  rely  heavily  on  electricity  to  function.  Although  advances  are 
being  made  in  other  power  generation  media  {e.g.,  batteries  and  others  as  discussed  in  Chapter 
IV),  the  majority  of  the  industrialized  world  depends  on  electric  power  for  survival.  As  a  result, 
such  power  generation  and  distribution  systems  should  be  considered  as  vital  targets  for  OIW 
attacks. 

For  example,  electric  power  systems  could  (and  most  likely  are  for  the 
majority  of  countries  today)  critical  COGs  in  all  five  rings  of  the  Warden  Theory  (see  Figure  8 
and  accompanying  discussion).  If  electricity  were  lost,  the  innermost  ring  (Leadership)  would  be 
severely  degraded.  Communication  and  guidance  would  be  severely  handicapped.  Of  course, 
there  should  be  backup  systems,  but  these  will  most  likely  lack  the  power  and  sustainment  of  the 
primary  systems.  In  the  second  ring  (Organic  Essentials),  loss  of  electricity  would  mean  loss  of 
systems  that  supply  water,  refrigeration,  industry,  and  many  others.  If  the  loss  were  to  extend  to 
the  third  ring  (Infrastmcture),  then  such  things  as  transportation  sytems  become  affected.  Loss  of 
electricity  to  the  fourth  ring  (Population)  means  a  loss  of  power  to  the  homes  of  the  civilian 
population  (which  can  have  a  very  powerful  effect  on  the  Leadership  ring,  if  protracted).  Finally, 
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electricity  could  be  lost  to  the  last  ring  (Fielded  Forces).  Naturally,  the  effect  to  this  ring  would 
probably  be  felt  the  least  (because  of  backup  and  mobile  systems),  but  there  would  most  likely  be 
some  reliance  on  traditional  forms  of  electric  power  (e.g.,  mainframe  computer  systems).  [Ref 
96]  One  can  easily  see  the  heavy  reliance  on  electricity  in  all  facets  of  society. 

The  complexity  of  modem  electric  generation  and  distribution  systems 
demands  a  vulnerability  analysis  methodology,  similar  to  the  one  discussed  imder  the 
Telecommunications  component.  Luckily,  the  fmgal  origins  of  one  already  exist.  In  late  1994, 
Air  University  Press  released  what  proved  to  be  a  very  controversial  (because  it  was  cleared  for 
public  release)  work  entitled  Electric  Power  Simulation  (EPS)  Concept  Prototype:  Dropping  The 
Electric  Grid,  An  Option  For  The  Military  Planner.  (Kei.  96]  This  publication  and  its 
accompanying  software  tool  are  an  excellent  method  for  examining  electric  systems.  Both  the 
book  and  the  program  are  full  of  detailed  information  about  electric  systems.  Although  the 
prototype  lacks  much  of  the  functionality  promised  in  the  full  production  version,  it  still 
represents  an  excellent  starting  point  for  any  study  into  using  OIW  against  electric  systems.  Even 
though  the  publication  was  written  primarily  for  using  conventional  destmctive  weapons,  much 
of  the  same  thought  processes  can  be  applied  to  IW.  As  a  result,  this  discussion  of  Power 
Generation  and  Distribution  will  rely  heavily  on  this  work  as  an  example  of  the  type  of 
procedures  that  must  be  in  place  to  effectively  wage  OIW  in  the  electric  realm. 

In  the  EPS  text,  a  four  step  methodology  is  discussed.  The  steps  are  listed 
below  and  each  is  expoimded  upon  in  the  subsequent  paragraphs: 

•  Step  1 .  Component  Stmcture. 

•  Step  2.  System  Structure. 
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Step  3.  Criticalities  and  COGs. 


•  Step  4.  Vulnerabilities. 

This  methodology  will  serve  as  the  basis  for  the  examination  of  the  Power  Generation  and 
Distribution  component  of  this  template.  One  should  bear  in  mind  that  this  methodology  is  non¬ 
linear.  Also,  the  explanation  of  the  methodology  will  focus  on  thermal  generation  systems. 
Although  other  forms  do  exist  (e.g. ,  nuclear,  hydroelectric,  etc.),  time  and  space  do  not  permit  a 
detailed  discussion  of  each  type.  Furthermore,  the  preferred  fuel  for  most  thermal  plants  in  the 
world  today  is  coal  (by  a  factor  of  three  to  one).  [Ref  96] 

The  first  step  in  the  methodology  is  Component  Structure.  Here  one  is 
looking  at  the  physical  equipment  of  the  system  in  question.  Obviously,  some  knowledge  of 
what  comprises  a  given  system  is  necessary  before  targeting  it.  Although  different  power 
generation  plants  are  configured  differently,  they  all  have  almost  the  same  nine  subsystems. 
Those  nine  subsystems  are  listed  below,  along  with  a  brief  description  of  each: 

•  Generation  --  Basically,  in  this  step,  the  kinetic  energy  of  the  working  fluid  is 
converted  into  rotational  mechanical  energy.  [Ref  96]  This  rotating  mechanical 
energy  is  introduced  into  a  magnetic  field  which  generates  electricity. 

•  Step-up  Transformer  —  Transformers  (essentially  just  a  series  of  windings  for 
changing  voltage  values)  are  used  to  convert  the  relatively  low  voltages  produced 
by  the  generators  into  higher  voltages  that  are  acceptable  for  transmission.  [Ref 
96] 

•  Transmission  --  The  electricity  is  then  moved  through  conductors,  insulators, 
supports,  and  shield  wires.  These  are  the  power  lines  and  structures  that  are  seen 
everywhere.  Above-ground  transmission  is  generally  preferred  to  the  more  secure 
underground  transmission  because  the  latter  brings  with  it  a  tenfold  cost 
increase.  [Ref  96] 
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•  Switching  Stations  —  Switching  stations  are  used  to  partition  the  electric  power 
network  into  manageable  chunks  in  order  to  assist  troubleshooting  of 
problems.  [Ref.  96] 

•  Primary  Substations  —  These  facilities  are  used  to  step-down  the  voltage  from  the 
higher  transmission  values  into  those  that  are  more  manageable  for  further 
distribution.  These  sites  are  generally  unmanned  and  automated.  [Ref  96] 

•  Subtransmission  —  This  step  is  essentially  the  same  as  the  transmission  function 
discussed  above.  [Ref  96] 

•  Distribution  Substations  --  These  substations  are  similar  to  the  Primary 
Substations  except  they  are  located  closer  to  the  customer  and  control  less  area. 
They  are  also  unmanned.  [Ref  96] 

•  Primary  Distribution  —  At  this  point,  the  final  step-down  in  voltage  occurs  and  the 
electricity  is  distributed  to  the  customer.  This  distribution  generally  occurs  at  a 
pole-mounted  transformer  adjacent  to  the  customer’s  location. [Ref  96] 

•  Secondary  Networks  —  This  final  subsystem  is  generally  found  only  in  areas  of 
high  electricity  demand.  They  are  used  to  more  efficiently  distribute  the 
power.  [Ref  96] 

Of  course,  interspersed  throughout  all  of  these  subsystems  are  protective  features,  controls, 
overrides,  alarms,  etc.  Even  though  more  and  more  of  these  features  are  becoming  automated, 
there  will  probably  always  be  some  form  of  manual  switching  and  control  in  most  systems. 

The  second  step  in  the  EPS  methodology  is  System  Structure.  In  this  step, 
one  is  looking  at  the  entire  power  distribution  system  of  a  target  country.  At  this  level,  one  can 
easily  see  that  the  system  of  any  modem  country  will  be  highly  complex.  As  a  result,  the  same 
approach  to  complex  systems  that  was  discussed  under  the  Telecommunications  component  must 
also  be  applied  here.  The  interaction  between  subsystems  must  be  considered.  A  complex  power 
generation  and  distribution  system  will  appear  to  take  on  a  life  of  its  own  (in  keeping  with  the 
characteristics  of  a  complex  system).  [Ref  96]  Naturally,  an  analytical  approach  similar  to  Figure 
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10  in  the  Telecommunications  explanation  is  needed.  Luckily,  thought  has  already  started  in  this 
area  (in  the  form  of  the  EPS  software,  which  will  be  discussed  later). 

The  third  step  is  Criticalities  and  COGs.  Here,  the  goal  is  to  identify  what 
subsytems  and  locations  are  critical  to  the  entire  systems,  such  that  their  exploitation  will  cause 
serious  damage  to  the  enemy  and  meet  the  required  objectives.  These  critical  links  then  become 
COGs.  Many  factors  must  be  considered  in  making  these  decisions.  Some  of  these  include:  time 
to  repair,  cost  to  repair,  extent  of  impact,  etc.  [Ref  96] 

The  final  step  in  the  EPS  methodology  is  Vulnerabilities.  Now  that  the 
system  has  been  analyzed  and  COGs  identified,  the  next  logical  step  is  looking  for  weaknesses  in 
those  COGS.  In  its  discussion  of  this  phase,  the  EPS  book  falls  short  and  does  not  provide  many 
specifics  for  accomplishing  this.  Perhaps  this  is  due  to  the  enormous  scope  that  such  an 
explanation  would  entail.  One  solution  is  the  creation  of  a  vulnerability  assessment  matrix, 
similar  to  the  one  used  previously  in  the  discussion  of  telecommunications. 

Included  with  the  EPS  text  is  a  prototype  software  tool.  It  is  designed 
primarily  for  analysis  of  electric  grids.  Related  systems  (such  as  telecommuncations,  culture 
centers,  water,  etc.)  are  also  considered  in  the  analysis.  The  system  is  quite  user-fnendly;  in  fact, 
if  the  user  tries  to  perform  an  attack  that  is  not  on  an  optimal  COG,  the  program  informs  the  user 
of  that  fact.  Additionally,  the  system  contains  a  wealth  of  information,  complete  with  pictures 
and  diagrams,  about  the  details  of  the  various  types  of  power  generation  systems  that  exist  (e.g, 
nuclear,  hydroelectric,  etc.).  Although  this  system  was  designed  with  conventional  air  power  as 
the  delivery  platform,  the  transition  to  an  exclusively  OIW  system  is  feasible.  Unfortunately, 
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such  a  system  would  require  an  extensive  and  detailed  database  of  the  system  in  question  (this 
problem  will  be  revisited  in  the  next  chapter). 

With  this  entire  methodology  in  mind,  what  portions  of  a  power  generation 
and  distribution  system  should  be  exploited  using  OIW  tools  and  techniques?  Of  course,  there  is 
no  single  answer.  The  most  obvious  targets  might  be  control  centers.  Here,  hacking  attacks  can 
occur  and  malicious  software  can  be  injected.  Of  course,  physical  destruction  is  another  realistic 
option  (although  these  types  of  attacks  border  more  on  traditional  forms  of  warfare  than  IW). 
Other  methods  could  also  be  used.  Air-dropped  microbes  would  do  wonders  for  consuming 
exposed  electrical  components.  Well-placed  EMP  bombs  could  quickly  drop  portions  of  the 
electric  grid. 

One  needs  to  keep  in  mind  that  in  order  for  these  things  to  be  OIW  attacks, 
they  must  be  focused  on  epistemological  targets.  For  example,  the  dropping  of  an  electric  power 
grid  could  coincide  with  the  launching  of  a  Psychological  Operations  (PSYOPS)  campaign.  This 
campaign  could  be  directed  at  the  general  populous  to  undermine  their  will  and  support  for  their 
leadership.  If  the  electricity  is  down,  the  enemy  leadership  would  be  hard  pressed  to  refute  any 
false  information  that  is  broadcast  by  attacking  forces.  This  is  but  one  scenario  out  of  many  that 
could  be  used  in  conjunction  with  attacks  against  power  generation  and  distribution  systems. 

(3)  Water  Supplies  and  Sewage.  The  next  major  component  under 
Essential  Services  Systems  is  Water  Supplies  and  Sewage.  These  types  of  systems  are  absolutely 
vital  to  the  survival  of  any  nation  or  group  of  people.  As  a  result,  they  could  be  targets  for  OIW 
attacks  (most  likely  indirectly).  Perhaps  the  most  effective  technique  would  be  making  the 
enemy  and  its  people  believe  that  its  water  supply  is  contaminated.  An  extensive  PSYOPS 
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campaign  could  be  used  to  accomplish  this  goal.  The  impact  of  such  an  epistemological  attack 
could  be  enormous;  without  drinkable  water,  the  enemy  may  be  forced  to  capitulate.  After 
hostilities,  friendly  occupying  forces  make  motions  of  restoring  the  water  supply  (with  an 
“antidote”  for  example)  while  in  reality  nothing  is  changed  because  the  water  is  not  really  bad. 
The  end  result  is  achievement  of  friendly  objectives  with  minimal  losses,  and  the  enemy  is  none 
the  wiser  on  how  it  was  accomplished. 

(4)  Heating/Cooling.  Heating  and  Cooling  Systems  are  commodities  that 
are  taken  for  granted  in  large  parts  of  the  world  today.  Many  people  assume  that  a  prolonged  loss 
of  those  services  would  be  merely  an  inconvenience.  Would  they  still  be  saying  the  same  thing  if 
they  lived  in  a  very  cold  climate  and  all  of  their  natural  gas  supply  were  to  disappear  in  the 
middle  of  a  harsh  winter?  By  taking  over  the  computers  that  control  the  routing  of  natural  gas, 
this  scenario  is  possible.  Perhaps  a  better  way  would  be  the  corruption  of  a  database  in  a  natural 
gas  provider’s  computers.  “We’re  sorry.  Customer  A,  we  would  really  like  to  provide  our 
service  to  you,  but  our  records  show  that  you  have  not  paid  your  bill  in  four  months.  Have  a  nice 
day.”  If  this  were  to  be  accomplished  on  a  large  scale,  chaos  could  ensue.  This  is  but  one 
example  of  using  01 W  against  Heating  and  Cooling  Systems. 

(5)  Transportation.  Any  society,  and  especially  an  industrialized  one, 
relies  heavily  on  transportation.  People  and  goods  can  be  moved  from  one  comer  of  the  earth  to 
another  fairly  quickly.  Most  people  take  this  service  for  granted.  A  series  of  OIW  attacks  might 
make  them  think  again.  What  would  happen  if  the  air  traffic  control  networks  for  an  entire 
country  (a  large,  industrialized  one)  were  to  cease  fimctioning  over  a  holiday  weekend?  At  the 
same  time,  all  of  the  drawbridges  in  the  capital  city  become  stuck  in  open  position  because  of 
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“computer  problems”.  [Ref.  70]  To  make  matters  worse,  dl  of  the  traffic  light  controls  for  that 
city  also  go  down.  While  all  of  this  happening,  friendly  forces  launch  an  assault  on  the  capital 
city,  taking  advantage  of  the  chaos  to  quickly  seize  control.  As  this  scenario  shows,  01 W  can  be 
a  very  welcome  addition  to  a  warfighter’s  tool  chest. 

(6)  Space.  One  area  that  is  often  overlooked  when  thinking  of 
Information  Warfare,  and  the  final  component  under  Essential  Services  Systems,  is  Space.  The 
increasing  reliance  of  many  countries  on  timely  communications  systems  has  seen  a 
commensurate  increase  in  the  number  of  space-based  systems.  Some  of  those  systems,  as  well  as 
some  their  vulnerabilities,  were  discussed  in  Chapter  IV.  In  an  OIW  PSYOPS  campaign,  a 
necessary  first  step  might  be  gaining  access  to  a  communications  satellite  channel  (while 
jamming  other  channels  and  satellites).  Space  can  be  an  OIW  force  multiplier. 
e.  Geography 

The  next  major  subcategory  where  OIW  can  be  exploited  is  Geography.  This 
subcategory  can  be  further  defined  by  the  components  Physical  and  Environment.  One  may  think 
that  geography  would  not  even  be  considered  in  OIW  planning.  Although  the  possibilities  are 
limited,  some  do  exist. 

(1)  Physical.  The  Physical  aspect  of  this  template  is  more  of  a 
consideration  for  OIW  than  a  targetable  area.  Geography  can  influence  the  planning  for  an  OIW 
campaign.  The  type  of  terrain  involved,  the  size  of  the  area  in  question,  geographic  limitations  to 
both  friendly  and  enemy  forces  [Ref  93]  are  all  things  that  must  be  looked  at  in  planning  OIW 
attacks.  Based  on  such  an  analysis,  different  types  of  OIW  tools  or  techniques  might  be 
preferable  or  prohibitive.  For  example,  a  communications  outpost  that  is  located  high  on  a 
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remote  cliff  might  not  be  an  optimal  target  for  a  HERF  gun  or  a  Van  Eck  detector.  In  any  case, 
the  physical  features  of  a  country  are  factors  which  should  be  addressed. 

(2)  Environment.  A  related  component  is  the  Environment.  The  world  is 
becoming  more  and  more  environmentally  conscious.  As  a  result,  people  do  not  like  to  see 
damage  done  to  the  environment.  A  carefully  orchestrated  PSYOPS  plan  could  create  false 
pretenses  in  a  target  country  that  environmental  damage  is  being  done  by  their  own  government. 
This,  in  turn,  could  create  dissatisfaction,  undermine  the  will  of  the  people,  etc.  Also,  the 
environment  must  be  considered  when  planning  an  OIW  campaign.  By  sending  other  systems 
(e.g.,  electric,  industry,  etc.)  that  have  direct  ties  into  the  environment  (e.g.,  emergency  waste 
dumps  into  rivers,  etc.)  into  chaos,  the  possibility  exists  for  real  environmental  disaster.  Of 
course,  this  is  probably  not  something  a  reasonable  coimtry  would  want  to  do. 
f.  Military  Forces 

The  final  item  to  consider  on  the  Tangible  side  of  the  infi'astructure  template  is 
Military  Forces.  Military  Forces  make  an  obvious  target  for  any  type  of  warfare,  including 
Information  Warfare.  The  Military  Forces  subcategory  discussed  here  is  directly  related  to  the 
Fielded  Forces  ring  in  the  Warden  Five  Rings  Theory  mentioned  previously.  Thus,  it  is  a  critical 
COG  of  an  enemy  and  should  be  targeted.  The  three  components  of  the  Military  Forces 
subcategory  are:  Persormel,  Doctrine,  and  Systems. 

(1)  Personnel.  The  people  that  comprise  the  Military  Forces  of  the  enemy 
are  OIW  targets.  The  most  obvious  OIW  technique  against  humans  is  PSYOPS.  Several 
examples  of  these  kinds  of  attacks  have  been  mentioned  in  this  chapter  and  the  previous  one. 

The  goal  here  would  be  deceive  the  enemy’s  military  personnel  to  the  point  where  they  would 
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lose  faith  in  their  leadership  and  not  want  to  fight  anymore.  This,  obviously,  would  give  friendly 
forces  a  tremendous  advantage.  Even  if  they  do  not  surrender  or  run  away,  an  effective  PSYOPS 
campaign  could  plant  seeds  of  doubt  in  the  minds  of  the  enemy  soldiers  that  make  them  hesitate 
at  a  critical  moment. 

(2)  Doctrine.  The  second  component  that  could  be  attacked  under  the 
Military  Forces  subcategory  is  Doctrine.  This  component  could  almost  be  considered  as  an 
intangible  element  of  this  template.  However,  if  one  considers  the  doctrine  as  just  the  actual 
methodology  for  warfighting  and  ignores  the  underlying  beliefs  for  it,  then  this  is  the  right  place 
for  doctrine.  Using  OIW  against  a  coimtry’s  beliefs  will  be  examined  in  the  Intangible  portion  of 
the  template.  By  gaining  insight  into  military  doctrine,  attacking  forces  could  derive  operational 
and  tactical  COGs  that  could  be  exploited.  For  example,  if  a  review  of  doctrine  reveals  that  in  a 
given  situation,  enemy  forces  will  always  react  a  certain  way,  this  fact  could  be  manipulated 
using  OIW  tools  and  techniques  to  achieve  a  desired  goal. 

(3)  Systems.  The  final,  and  most  obvious,  component  of  the  Military 
Forces  subcategory  is  Systems.  Any  military  force  is  going  to  rely  on  a  given  set  of  systems  to 
support  their  operations.  Many  of  these  will  parallel  civilian  systems  or  even  tie  into  them 
directly.  Examples  of  military  systems  include  such  things  as  telecommimications  and  power 
generation  and  distribution.  There  are  essentially  two  levels  of  systems  here:  those  that  tie 
directly  into  civilian  systems  {e.g.,  Internet  access  or  phone  lines  to  a  commercial  telephone 
company)  or  those  that  are  exclusively  military  systems  {e.g.,  portable  power  generation  systems 
or  military  telecommunications  systems).  OIW  attacks  against  the  former  are  fairly 
straightforward  and  are  discussed  elsewhere  in  this  chapter.  Attacks  against  the  latter  may 
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require  more  skill  and  effort,  as  well  as  possibly  different  tools  and  techniques.  In  any  case,  OIW 
attacks  against  all  three  components  of  the  Military  Forces  subcategory  should  be  considered  as  a 
vital  part  to  any  OIW  plan. 

2.  Intangible 

The  second  major  category  for  this  OIW  template  is  Intangible.  This  category  consists  of 
those  things  that  are  not  necessarily  directly  attackable  by  OIW  tools  and  techniques,  yet  can  be 
influenced  by  them.  Using  OIW  against  these  Intangible  elements  is  no  easy  task.  There  are  no 
measurable  quantities  to  execute.  Different  perspectives  on  the  same  subject  may  yield  different 
results.  However,  these  Intangible  factors  must  be  addressed  in  OIW;  they  serve  as  the  primary 
basis  for  most  of  the  epistemological  target  sets  discusses  previously.  Only  with  a  thorough 
understanding  of  the  items  presented  here  can  one  translate  that  knowledge  into  tangible  target 
sets. 

a.  Culture 

Many  experts  in  warfare  will  say  that  in  order  to  effectively  wage  war  against  an 
enemy,  one  must  know  how  they  think  and  why  they  act  the  way  they  do  in  certain  situations.  A 
large  part  of  this  revolves  around  the  first  subcategory  of  the  Intangible  category.  Culture.  A 
good  inroad  into  understanding  a  given  culture  is  learning  the  language;  language  is  closely  tied 
to  culture.  Of  course,  the  language  of  every  possible  adversary  can  not  be  learned  by  everyone 
who  needs  to  know  it  (major  decision  makers,  detail  planners,  tactical  commanders,  etc.). 
Computers  can  help  in  this  regard  {e.g.,  artificial  intelligence,  neural  networks,  interactive 
databases,  etc.),  but  they  can  never  replace  the  subtleties  that  the  human  element  can  gamer.  By 
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understanding  the  culture  of  a  country,  OIW  attacks  can  be  targeted  against  weak  links  in  beliefs 
and  perceptions. 

b.  Interests  and  Goals 

Once  a  thorough  understanding  of  an  enemy’s  culture  is  gained,  the  task  of 
discerning  what  their  Interests  and  Goals  are  becomes  much  easier.  Many  times,  the  things  that  a 
country  desires  can  be  understood  from  a  thorough  knowledge  of  their  culture.  Getting  inside  the 
enemy’s  mind  to  rmcover  his  or  her  agenda  is  the  first  step  in  leveraging  a  successful  OIW  attack. 
A  truly  masterful  OIW  attack  would  be  one  that  is  able  to  attack  those  goals  and  interests 
directly,  perhaps  even  changing  them  somewhat  without  the  enemy  even  knowing. 

c.  History 

A  final  Intangible  component  is  History.  The  study  of  history  can  often  uncover 
many  things  that  can  be  used  to  an  attacker’s  advantage.  For  example,  in  previous  conflicts, 
what  were  the  COGs  that  were  used  successfully  against  that  enemy?  Do  such  weaknesses  still 
exist  and  can  they  be  exploited  this  time?  History  can  also  be  used  to  look  at  trends  in 
government,  how  or  if  a  country  binds  together  during  a  war,  etc.  [Ref  93]  Although  there  is  not 
much  (if  any)  history  relating  to  an  Information  War,  many  of  the  same  vulnerabilities  could  be 
manipulated,  albeit  in  a  different  fashion. 

The  construction  of  the  template  is  now  complete.  Again,  this  template  is  not  meant  to  be 
a  perfect  solution  or  an  all-encompassing  one.  It  should  be  used  as  a  general  set  of  guidelines  of 
things  to  be  examined  when  putting  together  an  Offensive  Information  Warfare  campaign  plan. 
Obviously,  most  of  the  entries  in  the  template  have  several  tools  and  techniques  that  could  be 
used  with  them.  Only  a  few  brief  examples  were  explored  here,  for  brevity’s  sake.  One  might 
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notice  that  some  things  have  been  omitted  from  the  template.  For  example,  OIW  attacks  against 
hospitals  might  be  a  very  powerful  weapon  (e.g.,  scrambling  medical  records  or  changing 
diagnoses).  However,  such  things  might  be  coimterproductive.  Plus,  many  safeguards  (i.e., 
international  law)  are  already  in  place  for  such  things.  To  summarize  the  infrastructure  template 
first  shown  in  Table  1 1,  is  reprinted  on  the  following  page  as  Table  12.  The  end  result  of  this 
section  is  that  template.  If  used  properly,  it  should  be  consistent,  flexible,  and  generic  while 
remaining  useful.  Of  course,  it  is  not  a  perfect  template,  and  changes  to  it  could  (and  should)  be 
made  as  required  for  improvement. 

C.  REVIEWING  THE  INFRASTRUCTURE  TEMPLATE 

After  examining  the  infrastructure  template,  at  least  four  recurring  themes  come  to  mind. 
All  of  these  have  been  mentioned  at  least  once  during  the  template  construction.  They  are 
elaborated  on  here  from  an  overall  perspective.  The  four  items  are:  Interaction  of  Template 
Elements,  Complexity,  Restoration  and  Redundancy,  and  Measures  of  Effectiveness. 

1.  Interaction  of  Template  Elements 

The  infrastructure  template  is  not  one  of  isolated  entries.  Rather,  there  is  an  interaction 
between  template  elements.  Some  of  these  interactions  may  be  stronger  than  others.  Some  may 
be  plaimed,  others  may  not.  The  end  result  is  a  synergistic  effect  throughout  the  template. 
Indeed,  true  success  in  an  OIW  campaign  is  a  result  of  recognizing  and  maximizing  this 
synergistic  effect.  Failure  to  consider  this  interaction  can  result  in  defeat  (i.e.,  by  not  realizing 
that  attacking  one  element  in  the  template  could  possibly  adversely  affect  another  element). 
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CATEGORY 

SUBCATEGORY 

COMPONENTS 

Tangible 

Politics 

Domestic 

Foreign 

Economics 

Commerce 

Finance 

Industry 

Natural  Resources 

Agriculture 

Manufactured  Goods 

Essential  Services  Systems 

Telecommunications 

Power  Generation/Distribution 

Water  Supplies  and  Sewage 

Heating/Cooling 

Transportation 

Space 

Geography 

Physical 

Environment 

Military  Forces 

Personnel 

Doctrine 

Systems 

Intangible 

Culture 

N/A 

Interests  and  Goals 

N/A 

History 

N/A 

Table  12.  Offensive  Information  Warfare  Infrastructure  Template. 
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2.  Complexity 

Much  has  been  said  about  the  nature  of  complex  systems,  especially  in  dealing  with  the 
template  components  of  Telecommunications  and  Power  Generation  and  Distribution.  However, 
complexity  is  practically  inherent  in  any  modem  system.  Although  not  specifically  mentioned 
under  other  components,  one  should  assume  that  such  complexity  does  exist.  As  a  case  in  point, 
there  was  no  mention  of  complexity  in  the  Transportation  component  (mainly  due  to  a  lack  of 
documented  examples);  however,  one  merely  needs  to  look  at  any  network  diagram  of  a  modem 
traffic  control  system  to  see  such  complexity.  Two  very  powerful  methods  for  dealing  with 
complexity  were  mentioned  in  this  chapter.  The  first  was  the  vulnerability  assessment 
methodology  shown  in  Figure  10.  The  second  was  the  EPS  simulation  software  mentioned  in  the 
Power  Generation  and  Distribution  component.  These  represent  preliminary  steps  that  need  to  be 
refined.  Systems  will  continue  to  grow  more  and  more  complex.  Preparations  need  to  be  made 
to  deal  with  those  kinds  of  systems  (perhaps  using  such  technologies  as  neural  networks).  A 
study  of  Complexity  Theory  should  be  a  basic  tenet  in  any  course  of  study  about  Information 
Warfare. 

3.  Restoration  and  Redundancy 

A  third  theme  is  Restoration  and  Redundancy.  Any  well-built  system  is  going  to  have  an 
inherent  redundancy  capability,  a  quick  restoration  capability,  or  both.  This  must  be  considered 
when  planning  OIW  attacks.  Neutrali2ation  of  one  or  more  system  elements  may  not  have  the 
desired  overall  effect.  A  thorough  understanding  of  the  restoration  and  redimdancy  features  of  a 
given  system  is  necessary.  Effective  use  of  probing  and  mapping  tools  can  facilitate  this.  One 
should  also  keep  in  mind  that  perhaps  full  effectiveness  cannot  be  achieved  in  this  arena.  As 
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systems  become  more  complex,  they  evolve  toward  the  edge  of  chaos;  in  other  words,  affecting 
one  element  of  a  system  may  have  a  totally  unpredictable  effect  on  the  system  as  a  whole. 

4.  Measure  of  Effectiveness 

One  of  the  most  difficult  problems  in  using  Offensive  Information  Warfare  in  a  campaign 
setting  against  an  infrastructure  is  assessing  the  effectiveness  of  the  attacks.  Measures  of 
Effectiveness  (MOEs)  are  a  challenge  and  a  necessity  to  modem  warfighting.  Since  Information 
Warfare  is  a  relatively  new  discipline,  there  are  really  no  “tried  and  tme”  MOEs.  In  fact,  the 
rapid  proliferation  of  systems  and  technologies  may  prohibit  such  MOEs  from  evolving. 

The  solution  lies  in  a  paradigm  shift  about  the  way  MOEs  are  viewed.  Many  people  may 
be  reluctant  to  try  “new”  MOEs  that  are  not  well-understood.  Perhaps  existing  MOEs  could  be 
used  if  they  are  viewed  in  a  lightly  different  manner.  For  examples  of  existing  MOEs,  Taking 
Down  Telecommunications  provides  five  MOEs  for  evaluating  attacks  against  those  types  of 
systems.  They  are  listed  below,  along  with  a  brief  description  of  each: 

•  Grade  of  Service  fOOSi  —  This  MOE  is  used  to  determine  the  “loss  of  system 
capability  in  a  static  system”.  [Ref.  95]  It  is  calculated  by  dividing  the  amount  of 
network  traffic  available  after  the  attack  by  the  amount  available  before  the  attack. 
Obviously,  a  lower  number  means  the  attack  was  more  effective. 

•  Range  —  This  MOE  is  simply  the  range  at  which  information  can  be  heard.  [Ref 
95]  This  is  useful,  for  example,  in  jamming  attacks. 

•  Throughput  and  Delay  —  Throughput  is  a  measure  of  successful  data 
transmissions  per  imit  time.  Delay  is  the  amount  of  time  between  transmission 
and  reception  of  a  given  message.  [Ref  95] 

•  Utilization  —  This  MOE  is  a  measure  of  how  much  a  given  system  is  in  use, 
compared  to  its  maximum  loaded  state.  [Ref  95] 
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•  Availability  --  This  final  MOE  takes  into  consideration  such  things  as  reliability 
(accurately  providing  information  to  the  intended  user)  and  survivability  (how 
well  the  system  is  able  to  function  after  a  given  attack).  [Ref.  95] 

Most  of  these  MOEs  might  be  a  good  measure  for  many  OIW  attacks  if  the  goal  is  to  degrade  the 

given  system.  However,  how  does  one  accurately  measure  the  number  of  programs  that  have 

been  infected  by  a  virus?  The  system  may  not  be  degraded  fi-om  a  GOS  standpoint,  but  it  is 

definitely  being  degraded  if  the  virus  is  propagating  throughout  the  enemy’s  networks.  One  can 

easily  see  new  MOEs  are  definitely  needed.  However,  developing  them  will  be  no  easy  task. 

This  chapter  has  presented  a  planning  tool  for  the  employment  of  Offensive  Information 
Warfare.  It  started  with  a  somewhat  detailed  review  of  Centers  of  Gravity.  Included  therein  was 
the  Warden  Five  Ring  Theory.  The  need  for  a  tool  such  as  an  infrastructure  template  was  then 
examined,  including  a  look  at  the  Information  Warfare  Battlespace  and  a  review  of  the  Offensive 
Information  Warfare  Strategy.  The  majority  of  the  chapter  was  spent  developing  the 
infrastructure  template.  Of  course,  this  template  is  not  perfect.  It  is  only  meant  to  provide  an 
entry  point  into  effective  OIW  planning.  The  examples  provided  were  basic  and  were  only  a 
small  sample  of  many  possibilities  in  this  field.  During  the  construction  of  the  template,  several 
recurring  features  were  noted.  They  formulated  the  basis  for  the  final  section  of  this  chapter. 
With  the  template  clearly  defined,  the  next  logical  step  is  to  examine  why  or  why  not  one  might 
want  to  use  Offensive  Information  Warfare. 
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VII.  OFFENSIVE  INFORMATION  WARFARE  ISSUES 


A.  THE  DECISION  TO  USE  OFFENSIVE  INFORMATION  WARFARE 

The  decision  of  whether  or  not  to  use  Offensive  Information  Warfare  is  not  a  trivial  one. 
As  one  can  now  see,  the  weapons,  technologies,  and  targeting  criteria,  are  all  very  complicated. 

In  addition  to  all  of  the  things  that  go  into  constructing  an  attack,  other  consideration  must  be 
given  to  a  wide  variety  of  issues.  These  issues  are  extremely  important  and  they  cannot  be 
ignored.  This  chapter  discusses  some,  but  perhaps  not  all,  of  those  types  of  issues.  These 
explanations  center  aroimd  two  major  groupings:  “Major  Issues”  and  “Other  Issues  and 
Considerations”.  The  former  category  deals  with  topics  that  are  absolutely  critical  to  a  decision 
of  whether  or  not  to  use  Offensive  Information  Warfare.  The  latter  category  is  more  concerned 
with  things  that  must  be  taken  into  account  once  the  larger  issues  have  been  resolved.  They  are 
more  focused  toward  the  execution  of  OIW  rather  than  towards  the  decision  to  employ  it. 

If  the  author  of  this  thesis  has  been  successful,  the  reader  will,  it  is  hoped,  have  realized 
by  now  that  Information  Warfare  is  definitely  warfare  and  it  should  definitely  be  employed  by  the 
United  States  if  possible  (the  last  part  of  the  OIW  puzzle  is  this  chapter).  In  many  cases,  OIW  is 
a  totally  new  way  of  thinking  (i.e.,  a  paradigm  shift).  Those  who  are  not  willing  to  make  the  shift 
will  never  understand  until  they  become  victims  of  OIW.  Information  Warfare  can  be  very 
powerful  yet  very  complicated.  This  chapter  looks  at  some  of  the  hard  questions  associated 
specifically  with  Offensive  Information  Warfare.  Of  course,  the  arguments  presented  here  are 
not  meant  to  be  the  only  possibilities;  rather,  they  are  meant  to  provoke  further  thought  and  to 
show  how  tough  some  of  these  problems  can  be  for  potential  decision  makers.  Other  than  the 
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multitude  of  definitions’  arguments  (explored  in  Chapter  II) ,  some  of  the  items  discussed  in  this 
chapter  are  among  the  most  controversial  in  Information  Warfare  circles  today. 

The  world  order  and  the  domestic  commxmity  of  the  United  States  are  very  complicated 
(they  could,  in  fact,  themselves  be  considered  as  complex  systems).  As  a  result,  decision  makers 
in  the  United  States  must  be  very  tuned  to  a  large  number  of  sensitivities  and  expectations  from 
both  the  national  and  international  communities  when  contemplating  any  kind  of  military  option. 
Some  of  those  considerations  (herein  after  referred  to  as  “the  bulleted  list”)  include: 

•  U.S.  forces  should  have  the  ability  to  act  quickly  and  decisively,  with  minimal 
(preferably  zero)  casualties  and  with  minimal  impact  on  the  environment.  [Ref.  97] 

•  The  U.S.  should  be  able  act  in  situations  of  less  than  total  war  and  be  able  to  avoid 
long,  drawn-out  conflicts  (the  Vietnam  syndrome).  [Ref.  97] 

•  U.S.  forces  should  be  able  to  operate  effectively  {i.e.,  with  a  high  degree  of 
precision)  in  a  complex  arena  interspersed  with  both  combatants  and  non- 
combatants.  [Ref  97] 

•  The  U.S.  should  be  able  to  use  its  strong  military  prowess  to  avoid  conflict 
whenever  possible.  If  military  force  is  necessary,  there  will  be  clearly  defined 
goals,  missions,  and  a  time  line  for  completion.  [Ref  97] 

•  All  of  these  things  should  be  accomplished  while  maintaining  the  “moral  high 
ground”  and  while  imder  “constant  media  scrutiny”.  [Ref  97] 

These  questions  are  always  in  the  minds  of  the  leadership  of  the  U.S.  when  trying  to  make  a 

decision  about  using  military  force.  These  same  points  will  serve  as  critical  points  for  many  of 

the  issues  discussed  in  this  chapter.  While  other  sensitivities  do  exist,  the  ones  presented  here 

are  among  the  most  important.  As  a  result,  the  bulleted  list  will  be  referred  to  throughout  this 

chapter. 
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B.  MAJOR  ISSUES 


The  first  grouping  of  01 W  issues  and  considerations  are  Major  Issues.  This  category 
includes  four  subcategories:  Political,  Legal,  Economic,  and  Moral  and  Ethical.  These  are  the 
toughest  issues  that  face  any  of  the  major  decision  makers  (President,  military  commanders,  etc.) 
when  trying  to  determine  whether  or  not  to  use  OIW  in  a  given  situation  and  to  what  extent  it 
should  be  used.  The  wrong  decision  in  any  of  these  subcategories  could  have  disastrous  results, 
most  notably  on  the  United  States.  Perhaps  others  that  could  be  affected  by  a  poor  decision 
include  allies  and  civilians.  Therefore,  great  care  must  be  taken  when  tackling  these  tougher 
issues  (tougher  when  compared  to  the  issues  in  the  next  section;  both  categories  are  difficult,  but 
this  one  is  more  so,  perhaps). 

1.  Political 

Since  any  form  of  conflict  revolves  around  the  political  scene,  the  first  consideration  to 
address  when  contemplating  OIW  attacks  is  the  Political  subcategory.  The  decision  to  implement 
any  OIW  campaign  plan  is  going  to  come  ultimately  from  the  National  Command  Authority 
(NCA),  comprised  of  the  President  of  the  United  States  and  the  Secretary  of  Defense.  Before 
giving  assent,  they  will  want  to  ensure  that  all  (or  as  many  as  possible,  given  tradeoffs)  of  the 
international  and  national  considerations  (as  listed  above)  will  be  assured  by  this  plan.  In  many 
cases,  OIW  can  satisfy  most  of  those  requirements.  OIW  attacks  can  be  swift  and  decisive  if 
properly  prepared  (as  discussed  in  the  following  section),  and  they  can  operate  in  extremely 
complex  situations.  They  can  be  accomplished  with  little  or  no  loss  of  life.  Certain  attacks  can 
be  targeted  against  combatants  only,  excluding  non-combatants.  The  nature  of  OIW  demands 
that  they  have  clearly  defined  missions,  goals,  and  time  lines. 
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Of  course,  there  are  potential  negatives  with  OIW  as  well.  OIW  attacks  can  be  covert; 
this  may  be  bad  if  the  U.S.  is  seen  to  do  nothing  in  the  eyes  of  the  world  community.  In  the 
harshest  forms  of  OIW,  civilian  populaces  can  be  affected  dramatically,  both  subtly  and 
devastatingly.  Some  tough  decisions  will  have  to  be  made  as  to  whether  the  objectives  of  the 
campaign  require  such  actions.  If  the  answer  is  yes,  there  exists  the  real  possibility  of  the  media 
doing  damage  and  of  the  U.S.  losing  the  “moral  high  ground”.[Ref.  97]  Other  drawbacks  could 
be  inadvertent  effects  on  allied  nations  (e.g.,  a  PSYOPS  campaign  could  just  as  easily  affect 
friends  as  enemies,  a  fact  not  likely  to  be  appreciated  if  the  former  were  ever  to  find  out).  [Ref. 

98]  The  bottom  line  is  that  public  opinions  and  perceptions  are  likely  to  be  heavy  factors  that  will 
influence  any  political  decision  on  whether  or  not  to  use  OIW.  [Ref.  99] 

2.  Legal 

Another  very  complicated  and  hotly  debated  issue  surrounding  Offensive  Information 
Warfare  is  its  legality.  To  date,  no  formal  laws  have  been  enacted,  either  in  the  United  States  or 
in  the  international  law  arena,  that  specifically  address  this  evolving  warfighting  discipline.  As  a 
result,  one  can  only  look  at  existing  statutes  and  see  if  they  can  be  interpreted  to  either  encourage 
or  discourage  OIW  attacks.  Obviously,  the  United  States  would  never  want  to  do  something  that 
could  be  construed  as  illegal...at  least  if  there  were  a  chance  of  anyone  finding  out.  There  may, 
however,  exist  a  situation  where  skirting  the  edge  of  the  law  might  be  preferable  to  the 
consequences  of  taking  no  action.  Again,  this  is  another  tough  decision  for  the  political  element. 
The  plethora  of  legal  debates  can  be  grouped  into  two  convenient  categories.  They  are  Domestic 
and  International.  The  former  refers  to  laws  particular  to  the  United  States  while  the  latter  is 
concerned  with  laws  in  the  international  community.  These  legal  squabbles  over  existing  laws 
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are  not  likely  to  be  much  affected  by  the  considerations  shown  in  the  bulleted  list  above,  but  the 
leadership  still  needs  to  be  able  to  justify  their  decisions  to  their  people  and  to  the  world. 

a.  Domestic 

There  are  many  documents  within  the  United  States  legal  system  that  could  form 
the  basis  of  decision  about  the  legality  of  Offensive  Information  Warfare  {i.e.,  a  justification  for 
OIW).  These  include:  the  Constitution,  parts  of  the  United  States  Code,  various  Congressional 
acts,  and  various  Executive  Orders.  Of  course,  there  could  be  many  other  statutes  that  could  be 
interpreted  as  a  pro  or  a  con  for  OIW.  For  the  purpose  of  this  thesis,  a  few  samples  from  the 
above  categories  will  be  discussed  with  respect  to  their  possible  effect  on  OIW.  Noticeably 
absent  will  be  an  examination  of  statutes  pertaining  to  OlW-type  attacks  directed  against  the 
United  States;  those  laws  fall  more  aptly  into  the  Defensive  IW  sphere. 

As  mentioned  above,  possible  interpretations  for  OIW  can  be  gleaned  fi-om  a 
variety  of  legal  sources.  The  Constitution  of  the  United  States  could  possibly  be  considered. 
Examples  are  the  clauses  that  state  the  powers  to  “declare  War”  or  “make  all  Laws  which  shall 
be  necessary...”.  [Ref.  29]  If  IW  is  a  form  of  warfare,  then  the  former  applies.  The  latter  phrase 
could  be  a  very  loose  catch-all  (the  “if  nothing  else  works,  try  this  “  mentality)  to  justify  an  OIW 
attack. 

The  United  States  Code  could  also  be  used  for  OIW  justification.  Title  10[Ref. 

1 00]  deals  with  Armed  Forces  and  is  often  quoted  (“Organize,  Train,  and  Equip”)  as  a 
justification  for  IW  in  general.  Section  164[Ref.  100]  outlines  the  powers  and  duties  of  the 
combatant  commanders  (CINCs).  Included  therein  are  powers  to  organize  and  employ  forces. 
Section  121  [Ref  100]  says  that  the  President  (in  his  capacity  as  Commander-in-Chief)  may 
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“prescribe  regulations  to  carry  out  his  functions,  powers,  and  duties  under  this  title”.  [Ref.  100] 
This  is  another  convenient  loophole  if  needed.  Title  50[Ref.  101]  deals  with  War  and  National 
Defense.  Section  413b[Ref.  101]  requires  a  “presidential  finding”(a  formal  process  of  getting 
permission)  before  a  covert  action  can  be  undertaken.  This  could  be  construed  as  a  hindrance  to 
01 W  since  many  forms  of  it  demand  covertness.  These  two  titles  (10  and  50)  are  two  good 
examples  of  the  applicability  of  the  U.S.  Code  to  OIW. 

Several  other  domestic  documents  have  a  role  in  justifying  OIW.  First,  Executive 
Order  12333  [Refs  29  and  102]  deals  with  intelligence  activities  in  the  United  States.  It  serves  as 
the  basis  for  many  IW  decisions  being  made  today.  It  gives  the  Director  of  Central  Intelligence 
(DCI)  powers  to  perform  special  assignments  as  dictated  by  the  President.  This  could  be 
interpreted  as  a  vehicle  for  conducting  some  OIW  operations.  Second,  Executive  Order  12472 
[Ref.  29]  relates  to  national  telecommunications  during  times  of  crisis.  It  provides  the  National 
Security  Council  (NSC)  the  power  to  allocate  the  nation’s  telecommunications  systems  in  times 
of  war  or  crisis.  This  statement  could  serve  as  a  justification  for  OIW  attacks  launched  from 
telecommimications  platforms  in  the  United  States.  Next,  the  Communications  Act  of  1934[Ref 
29]  gives  the  President,  during  times  of  war,  the  power  to  “amend  rules  pertaining  to  wire 
commimications”.  This  could  again  serve  as  a  basis  for  launching  OIW  attacks  through  that 
media.  Finally,  the  Foreign  Intelligence  Surveillance  Act  of  1978 [Ref  29]  allows  for  electronic 
surveillance  and  intelligence  collection  against  foreign  agents  following  a  given  set  of  guidelines. 
At  a  minimum,  this  act  can  bolster  the  preparations  process  for  OIW  (accurate  and  timely 
intelligence  is  crucial  to  effective  OIW,  a  fact  which  will  be  discussed  in  the  following  section. 
Other  Issues).  The  two  Executive  Orders  and  the  two  acts  presented  here  clearly  show  the  role  of 
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such  documents  in  Offensive  Information  War.  Others  could  be  found  to  be  applicable,  but  the 
goal  here  is  to  provide  a  sampling,  not  a  total  list. 

One  can  easily  see  that  the  justification  for  employing  Offensive  Information 
Warfare  can  be  interpreted  from  several  laws  already  enacted  in  the  United  States.  However,  the 
reverse  is  also  true;  those  same  laws  could  be  interpreted  as  prohibitive  to  OIW.  One  might  also 
notice  that  several  of  the  items  mentioned  in  this  discussion  have  dealt  with  wartime.  An  OIW 
campaign  might  actually  precede  and  preclude  full  hostilities.  This,  of  course,  adds  to  the 
problem  of  interpretation.  Based  on  all  of  these  ambiguities,  the  case  could  be  argued  for 
specific  laws  pertaining  to  OIW.  Of  course,  again,  this  technique  could  backfire,  and  laws  could 
be  passed  that  prohibit  the  use  of  OIW  or  at  least  restrict  it  (which  may  not  help  those  charged 
with  executing  OIW  plans). 

b.  International 

International  laws  could  also  be  interpreted  as  being  applicable  to  Offensive 
Information  Warfare.  There  is  no  single  conglomeration  of  international  law.  The  closest  thing 
to  a  governing  body  is  the  International  Court  of  Justice.  However,  this  entity  only  recognizes 
certain  laws:  treaties,  conventions,  and  customary  law  (“law  which  is  common  to  many 
nations  [Ref.  29]).  In  general,  these  laws  are  more  vague  (by  necessity)  than  the  laws  of  any 
given  country.  Also,  they  tend  to  be  focused  on  different  issues  (mostly  humanitarian  ones)  than 
the  laws  of  a  nation;  they  tend  to  deal  with  things  that  all  of  the  signatories  could  agree  to. 

The  deliberation  here  will  be  twofold.  First,  there  will  be  a  discussion  of  acts  of 
war  and  IW.  Second,  various  statutes  and  agreements  (mostly  drawn  from  United  Nations 
sources)  will  be  reviewed  as  a  means  to  justify  OIW.  Naturally,  not  every  possible  portion  of 
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international  law,  treaties,  etc.,  could  be  examined  here.  Rather,  the  goal  is  to  give  the  reader  a 
feel  for  the  international  legal  scene. 

The  international  legal  community  places  great  emphasis  on  acts  of  war. 
Traditionally,  declarations  of  war  have  been  formal  events.  A  series  of  conventions  and 
agreements  that  were  signed  either  late  in  the  1 9th  or  early  in  the  20th  centuries  set  down  the 
“rules”  for  the  commencement  of  hostilities  (e.g.,  Lieber  Code,  Hague  Conventions,  etc.).  [Ref 
103]  Recently  (post- World  War  II),  this  process  has  evolved  into  less  formal  declarations  or 
even  no  declaration.  However,  in  almost  all  cases,  there  have  clearly  been  acts  of  armed  force 
that  justified  a  military  response  (in  keeping  with  the  traditions  of  the  earlier  agreements). 

Warfare  in  the  Information  Age  changes  that  paradigm.  While  traditional  forms 
of  warfare  have  included  violent  acts  as  their  foundation.  Information  Warfare  does  not 
necessarily  subscribe  to  that  notion.  Today,  an  OIW  campaign  could  consist  of  entirely  non¬ 
violent  (to  people)  attacks.  Would  these  attacks  still  be  considered  as  acts  of  war  and  elicit 
perhaps  an  armed  response?  If  those  attacks  were  directed  at  a  critical  portion  of  the  enemy’s 
infrastructure  (s.g.,  economy),  the  answer  is  most  likely  yes.  In  such  a  case,  would  the  OIW 
attacks  be  considered  acts  of  war?  This  is  but  one  of  the  many  problems  facing  the  international 
legal  commvmity.[Refs.  68, 97, 103] 

Another  major  issue  is  justification.  The  discussion  of  domestic  law  centered 
around  justifying  the  use  of  OIW  to  the  people  of  the  United  States  (which  would  be  one  of  the 
primary  concerns  of  the  political  leadership-recall  the  bulleted  list  from  early  in  the  chapter). 
The  same  argument  must  be  made  before  the  world  order.  As  a  result,  an  examination  of  some 
of  the  accepted  documents  in  the  international  community  should  be  reviewed. 
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Certain  international  legal  documents  could  be  seen  as  prohibitive  for  OIW.  For 
example,  one  of  the  earliest  arguments  on  limiting  warfare  was  the  Declaration  of  St.  Petersburg 
in  1 868.  For  the  first  time  in  the  Western  world,  concern  was  raised  about  the  legality  and 
morality  of  certain  types  of  weapons.  The  Declaration  stated  that  using  weapons  “which 
uselessly  aggravate  the  sufferings”[Ref  74]  of  soldiers  are  “contrary  to  the  laws  of 
humanity  [Ref  74]  This  document  gave  rise  to  a  whole  series  of  restrictions  that  became  known 
as  the  Law  of  Armed  Conflict  (LOAC).[Ref  74]  This  precedent  could  raise  many  questions 
about  OIW.  For  example,  epistemological  targets  could  be  made  to  undergo  sufferings.  But 
what  if  those  sufferings  were  not  real,  but  only  in  their  minds  (a  real  possibility  in  IW)?  Would 
the  LOAC  still  apply?  This  is  just  one  of  many  tough  issues  that  need  to  be  addressed  when 
trying  to  decide  about  employing  OIW  tools  and  techniques.  Of  comse,  there  are  many  more 
examples  that  could  be  used  to  reiterate  the  prohibitive  nature  toward  OIW  of  much  of 

international  law  (e.g.,  Geneva  Conventions,  United  Nations  Conventions,  etc.),  but  are  not 
addressed  for  the  sake  of  brevity. 

On  the  other  hand,  certain  legal  agreements  could  be  used  as  a  justification  for 
OIW.  For  example.  Article  51  of  the  United  Nations  Charter  states  “nothing...  shall  impair  the 
inherent  right  of  individual  or  collective  self-defense  if  an  armed  attack  occurs”.[Ref  104]  If  the 
United  States’  interests  are  attacked,  this  statement  could  be  used  as  a  justification  for  launching 
OIW  assaults.  If  the  U.S.  is  a  victim  of  an  OIW  attack,  an  argument  could  be  made  that  it  was 

an  armed  attack”[Ref  104],  and  thus,  the  U.S.  could  respond  in  kind.  Of  course,  this  may  not  be 
easy,  but  it  is  possible. 


151 


In  summary,  knowledge  of  the  international  legal  scene  is  crucial  to  any  decision 
involving  the  use  of  Offensive  Information  Warfare.  The  statutes  exist  to  justify  OIW  actions. 

At  the  same  time,  other  (or  the  same)  legal  documents  could  disprove  a  justification  claim.  Care 
must  be  taken  to  prepare  for  such  contingencies.  Also,  a  lack  of  knowledge  could  lead  to  an 
unintended  violation  of  an  obscure  treaty  or  convention.  [Ref  29]  This,  m  turn,  could  result  in 
problems  with  the  victim  nation  (perhaps  an  ally)  or  condemnation  from  the  international 

community. 

3.  Economic 

A  third  major  issue  surrounding  the  potential  use  of  Offensive  Information  Warfare  is 
Economics.  As  seen  in  the  previous  chapter,  OIW  can  have  a  devastating  impact  on  national  and 
international  economies.  The  U.S.  may  not  want  to  risk  OIW  attacks  for  three  main  reasons. 
First,  the  possibility  exists  to  send  the  world  (and  thus  the  United  States)  into  an  economic 
decline  by  something  as  simple  as  a  computer  virus  that  was  inserted  at  the  wrong  place  at  the 
wrong  time.  Since  more  and  more  economic  transactions  are  being  done  via  electronic  media, 
the  penalty  for  a  wrong  decision  is  rapidly  increasing.  Second,  there  may  be  no  way  to  tell  if  a 
wrong  decision  has  been  made  until  it  is  too  late;  the  nature  of  complex  systems  allows  for 
unpredictable  behavior.  Finally,  any  attack  on  a  country’s  economic  system  is  an  attack  on  its 
people.  The  U.S.  may  not  want  to  risk  losing  “the  moral  high  ground  [Ref.  97]  (as  discussed  in 
the  bulleted  list).  The  economic  factors  mentioned  here  are  very  serious  ones;  the  very  real 
possibility  exists  of  doing  more  damage  to  ourselves  (due  to  the  U.S.’s  heavy  involvement  in  the 
world  economic  order)  than  to  the  enemy. 
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4. 


Moral  and  Ethical 


The  final  major  issue,  and  the  most  difficult  to  measure,  is  the  Moral  and  Ethical  side  of 
Offensive  Information  Warfare.  As  mentioned  at  the  beginning  of  the  chapter,  the  United  States 
is  perceived  (mainly  by  its  own  people)  as  the  “good  guys”,  holding  “the  moral  high 
ground”.  [Ref.  97]  As  a  result,  the  national  and  international  communities  tend  to  carefully 
scrutinize  questionable  issues,  frowning  upon  those  they  perceive  as  immoral  or  unethical.  Many 
forms  of  OIW  could  fall  into  that  category.  Attacking  an  epistemological  COG  of  a  country, 
subtly  subverting  their  will,  is  not  “fair”  (adopting  the  status  quo  mentality  for  a  moment). 

“Good  guys  always  fight  fair,  so  this  IW  thing  is  not  for  us.”  Such  a  mentality  is  probably  based 
largely  on  ignorance.  To  avoid  many  of  these  kinds  of  problems,  an  education  process  of  some 
sort  may  be  needed.  [Ref.  103]  However,  that  is  a  tradeoff  because  the  U.S.  may  not  want  to 
reveal  to  its  people  (and  thus  to  the  world  and  potential  enemies)  the  capabilities  it  possesses. 
Appealing  to  moral  and  ethical  standards  while  waging  OIW  is  a  formidable  task. 

Four  very  tough  issues  have  been  examined  in  this  section  of  the  thesis.  Political 
considerations  abound  in  modem  warfare,  especially  in  one  with  an  IW  context.  Legal  issues 
surrounding  OIW  are  enormous  and  complicated,  mainly  due  to  a  lack  of  specific  laws  regarding 
this  field.  Economic  issues  are  vital  not  only  to  the  enemy  but  to  the  U.S.  as  well.  Finally,  the 
tough  issues  of  Morality  and  Ethics  must  also  be  addressed.  Resolution  of  these  hard  issues  is 
challenging  but  essential. 


153 


c. 


OTHER  ISSUES  AND  CONSIDERATIONS 


The  last  section  of  this  chapter  will  address  other  issues  and  considerations  that  must  be 
considered  when  using  Offensive  Information  Warfare.  While  the  items  discussed  here  may  not 
be  as  lofty  or  potentially  damaging  as  some  of  the  issues  discussed  in  the  previous  section,  they 
are  extremely  critical  nonetheless.  The  two  basic  categories  presented  here  are  “Military  Issues” 
and  “Miscellaneous  Issues”.  One  should  keep  in  mind  that  there  are  possibly  other  issues  and 
considerations  that  could  be  added  if  necessary.  The  attempt  here  to  give  the  reader  a  feel  for  the 
vast  array  of  things  that  must  be  addressed  when  contemplating  the  use  of  OIW. 

1.  Military  Issues 

The  actual  employment  of  Offensive  Information  Warfare  is  likely,  at  least  in  part,  to  be 
accomplished  with  some  form  of  a  military  force,  or  at  least  supported  by  one.  Thus,  seven  vital 
issues  and  considerations  of  OIW  military  planning  and  execution  are  presented  here.  They  are: 
scope  of  threats,  goals  of  attacking  force,  time  line  to  hostilities,  mind  set  of  commanders.  Battle 
Damage  Indicators(BDA)/Battle  Damage  Assessment(BDI),  levels  of  attacks,  intelligence 
support,  and  collateral  damage.  Each  of  these  is  talked  about  briefly  in  the  subsequent 
paragraphs. 

a.  Scope  of  Threats 

The  majority  of  this  thesis,  while  not  always  specifically  stated,  has  been  focused 
primarily  on  large  coimtries  that  are,  at  a  minimum,  well  into  Second  Wave  thinking  and  are 
embracing  the  Third  Wave  mentality  (one  should  refer  to  Chapter  I  for  an  explanation  of  the 
various  waves).  These  kinds  of  nations  rely  heavily  on  information  and  technology  for  survival. 
Of  course,  today’s  world  is  full  of  threats  fi'om  smaller  countries  and  groups  that  do  not 
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necessarily  fit  the  general  mold  presented  in  this  thesis.  Can  Offensive  Information  Warfare  be 
used  against  such  adversaries?  The  answer  is:  yes,  at  least  to  some  extent.  Two  examples  of 
these  non-traditional  threats  are  Third  World  Countries  and  Sectarian  Organizations. 

(1)  Third  World  Countries.  Most  of  the  conflicts  that  the  United  States 
finds  itself  embroiled  in  today  are  in  developing  nations.  One  would  think  that  the  OIW 
possibilities  of  such  First  and  Second  Wave  states  would  be  limited  or  non-existent.  While  this 
may  be  true  in  many  cases,  such  things  as  “technology  leapfrogging”  (originally  discussed  in 
Chapter  FV)  present  potential  for  OIW.  Preparing  for  Third  World  contingencies  from  an  OIW 
perspective  should  be  a  part  of  the  planning  process. 

While  some  tools  and  techniques  may  not  be  appropriate  in  many  cases,  at 
least  some  form  of  an  OIW  campaign  could  be  launched.  For  example,  a  certain  underdeveloped 
country  may  not  have  a  stock  market  economy,  but  it  does  have  an  extensive  cellular  phone 
system,  complete  with  microwave  relay  towers.  While  an  economic  attack  may  not  be  possible 
in  such  a  case,  the  cellular  network  could  and  should  be  prosecuted  with  the  appropriate  OIW 
weaponry. 

While  the  targets  here  may  be  less  sophisticated  and  more  ad  hoc,  in  some 
ways  their  vulnerability  is  increased.  For  example,  a  country  with  a  primitive  communications 
network  might  be  a  prime  target  for  a  PSYOPS  campaign.  Removing  or  subverting  the  existing 
telecommunications  architecture  (most  likely  not  very  complicated)  should  be  straightforward. 
Due  to  the  lack  of  complexity,  chances  are  that  the  enemy  government  would  be  hard-pressed  to 
refute  any  propaganda  claims. 
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However,  such  countries  present  other  challenges.  Planning  an  OIW 
campaign  requires  a  large  amoimt  of  time  when  compared  to  other  forms  of  warfare.  Crises  in 
Third  World  countries  pop  up  all  the  time.  Thus,  planning  timelines  become  a  factor.  Also, 

OIW  requires  a  large  amount  of  detailed  information  for  planning  {i.e.,  intelligence).  This  may 
be  difficult  if  no  intelligence  assets  are  in  place  when  a  crisis  occurs.  These  same  issues  are  also 
separate  entries  in  this  section  (e.g..  Time  line  To  Hostilities,  Intelligence  Support,  etc.).  One  can 
thus  see  that  OIW  is  possible  against  Third  World  countries,  but  it  may  not  be  feasible  due  to  the 
amount  of  preparation  required. 

(2)  Sectarian  Organizations.  Offensive  Information  Warfare  could  also  be 
employed  against  Sectarian  Organizations.  These  are  such  things  as  terrorist  groups,  political 
parties,  subversive  elements,  etc.  Obviously,  the  attacks  would  be  much  smaller  in  scope.  They 
would  most  likely  occur  through  the  existing  infi’astructure  of  the  country  where  they  reside.  Of 
course,  these  kinds  of  attacks  require  precision  intelligence.  These  attacks  could  also  result  in 
confrontation  with  the  host  nation.  Even  if  they  are  not  sponsoring  the  organization,  many 
attacks  will  probably  occur  through  their  infrastructure.  These  considerations  may  detract  from 
the  usefulness  of  OIW  in  these  situations. 

b.  Goals  of  Attacking  Force 

The  goals  of  the  attacking  force  should  obviously  be  considered  when  preparing 
OIW  attacks.  With  the  multitude  of  preparation  and  potential  problems  that  surround  this  option, 
the  U.S.  leadership  may  opt  not  to  utilize  this  powerful  weapon.  If  the  attacks  can  not  be 
accomplished  effectively,  this  is  a  good  decision.  Not  using  OIW  because  “it  is  just  too  hard”  is 
not  a  valid  reason.  Yes,  more  time  and  effort  are  required  for  effective  attacks,  but  the  results 
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can  be  devastating.  Also,  01 W  may  be  the  weapon  of  choice  in  certain  situations  (e.g.,  a 
demonstration  to  show  a  belligerent  nation  the  potential  damage  that  could  be  done  to  them). 

c.  Time  line  To  Hostilities 

As  alluded  to  in  the  discussion  of  Scope  of  Threats,  a  large  amount  of  time  is 
required  to  prepare  OIW  attacks.  Precision  information  is  required.  If  no  intelligence  assests  are 
in  place  to  collect  that  information,  they  must  be  put  in  place.  The  complex  nature  of  many 
modem  systems  requires  time  to  learn  the  intricacies  of  them  prior  to  targeting  them.  Preparation 
of  tailored  tools  {e.g.,  malicious  software,  sniffers,  mappers,  etc.)  requires  time.  A  cleverly 
crafted  PSYOPS  campaign  may  take  years  to  cultivate.  The  weighing  of  the  many  vital  issues 
and  reaching  of  decisions  require  time.  In  each  of  these  cases,  a  little  more  time  is  required  for 
preparation.  While  rapid  advances  in  technology  may  facilitate  this  process  somewhat,  a 
considerable  amoimt  of  time  will  probably  still  be  required  to  prepare  an  effective  OIW 
campaign. 

d.  Mind  set  of  Commanders 

Another  issue  for  consideration  is  the  mindset  of  the  military  commanders.  Many 
may  just  not  believe  or  understand  the  potential  of  OIW  because  of  a  Second  Wave  mentality. 
This  may  translate  into  hesitation  at  the  moment  of  truth  or  a  poor  execution  of  the  plan.  This 
problem  is  likely  to  be  most  vivid  at  the  tactical  level.  For  example,  malicious  software  in 
conjunction  with  an  BMP  bomb  is  used  to  neutralize  the  fire  control  radars  at  a  given  air  defense 
site.  The  air  wing  commander  given  the  task  of  overflying  that  position  may  be  hesitant  when 
satellite  photos  show  no  physical  damage  to  those  structures  (“How  do  I  know  those  facilities  are 
out  of  commission?”).  Most  of  this  mind  set  problem  stems  from  ignorance.  Thus,  effective 
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education  is  required  of  at  least  the  senior  military  leadership  (but  preferably  of  everyone 
involved).  The  lack  of  such  education  may  be  a  decisive  factor  for  determining  whether  or  not  to 
use  OIW. 

e.  Battle  Damage  Indicators/Battle  Damage  Assessment 

One  key  aspect  of  modem  warfare  is  the  need  for  timely  and  accurate  Battle 
Damage  Indicators  (BDI)/Battle  Damage  Assessment  (BDA).  Many  factors,  such  as  increased 
complexity,  reduced  timelines,  and  larger  battlespaces,  demand  a  system  for  measuring  the 
effectiveness  of  attacks.  Of  course,  this  system  must  be  able  to  convey  that  information  to  the 
required  parties  accurately  and  in  near-real  time. 

Information  Warfare  attacks  raise  new  issues  for  BDI/BDA  systems.  Many  OIW 
tools  and  techniques  optimally  would  be  precise  and  covert.  As  a  result,  the  attacking  force  may 
know  exactly  where  the  attack  took  place,  but  how  does  one  know  if  that  attack  was  successful  or 
not?  Often,  the  inherent  nature  of  such  strikes  {i.e.,  covert,  no  control  after  execution  by  the 
attacker,  etc.)  might  preclude  feedback  on  the  extent  of  damage  that  was  done.  For  example, 
how  does  one  measure  how  far  a  computer  virus  has  spread  through  a  network?  Is  the  damage 
enough  to  accomplish  the  mission?  If  the  possibility  exists  that  the  required  BDI/BDA  may  not 
be  readily  available  or  in  a  comprehensive  format,  the  decision  to  abort  an  attack  or  find  another 
weapon  may  have  to  be  made.  For  example,  if  a  computer  virus  was  tasked  to  disable  an  air 
defense  system  and  no  reliable  information  is  available  on  the  effectiveness  of  that  OIW  strike,  a 
commander  may  decide  to  forgo  a  scheduled  air  raid  until  better  information  is  available. 
Resolving  BDI/BDA  issues  is  essential  for  success  in  OIW  attacks. 
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f.  Levels  of  Attacks 

As  mentioned  throughout  this  thesis  (and  incorporated  into  the  Paradigm  F 
discussion  of  Chapter  II),  Information  Warfare  can  exist  at  the  Strategic,  Operational,  and 
Tactical  levels  of  war.  As  a  result,  01 W  attacks  can  be  directed  at  any  or  all  of  these 
components.  Different  tools  and  techniques  may  be  best  matched  against  one  level  than  another. 
For  example,  a  computer  virus  is  likely  to  have  more  of  an  effect  at  the  strategic  level  with  many 
networked  computers  than  at  the  tactical  level  where  the  network  is  sparse  or  non-existent.  On 
the  other  hand,  an  EMP  bomb  is  likely  to  have  more  of  an  effect  on  military  telecommunications 
in  the  field  than  on  a  large  network  facility  with  much  redundancy  and  dispersion.  Also,  the 
amount  of  time  and  preparation  required  for  attacks  at  the  tactical  level  may  not  be  worth  the 
effort.  One  can  see  that  the  level  of  attack  is  not  something  that  can  be  taken  for  granted;  it  must 
be  an  inherent  part  of  the  planning  process. 

g.  Intelligence  Support 

The  role  of  intelligence  support  to  Offensive  Information  Warfare  is  absolutely 
critical.  Several  examples  of  this  requirement  have  been  provided  throughout  this  thesis.  The 
amount  and  precision  of  information  required  to  launch  an  OIW  attack  is  enormous.  The 
intelligence  collection  and  dissemination  entities  must  be  familiar  with  these  requirements  and 
initiate  activities  to  ensure  that  the  required  information  is  provided  in  a  timely  manner.  This 
support  could  be  anything  fi*om  direction  of  overhead  assests  to  placing  operatives  at  the  target 
source.  All  of  these  efforts  require  time.  They  also  require  knowledge  of  Information  Warfare. 
The  lack  of  intelligence  assets  or  of  the  required  details  for  planning  may  preclude  the 
development  of  an  OIW  campaign  for  a  given  situation. 
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h.  Collateral  Damage 

A  final  military  issue  that  must  be  addressed  is  the  possibility  of  collateral 
damage.  This  reality  has  been  alluded  to  previously.  If  not  carefully  considered,  an  OIW  attack 
can  quickly  go  astray  and  cause  large  amounts  of  unintended  damage,  possibly  to  innocents  or 
even  to  the  attacking  force.  While  some  of  this  collateral  damage  cannot  be  prevented  (due  in 
large  part  to  the  nature  of  complex  systems  as  mentioned  previously),  much  of  it  can  be 
alleviated  by  thorough  preparation  and  effective  plarming.  Of  course,  contingency  plans  are  also 
always  a  good  idea.  In  cases  where  the  risk  is  too  high  for  collateral  damage  or  fratricide,  the 
wisest  plan  might  be  to  abort  or  postpone  an  OIW  plan. 

2.  Miscellaneous  Issues 

To  round  out  the  chapter,  the  discussion  will  turn  to  several  other  issues  or  considerations 
that  either  do  not  directly  relate  to  any  of  the  other  categories  presented  so  far  or  are  so  distinct  as 
to  merit  a  separate,  dedicated  portion  of  the  chapter.  Although  they  are  grouped  as 
“Miscellaneous  Issues”,  they  are  important  to  examine  nevertheless.  Five  such  issues  are 
included  here:  Repercussions,  Classification,  Proportionality,  Interoperability,  and  Coalitions. 
a.  Repercussions 

Any  Offensive  Information  Warfare  attacks  is  likely  to  produce  a  response  from 
the  victim  (if  the  victim  knows  or  suspects  that  something  has  transpired).  Thus,  a  key  part  of  an 
OIW  plan  is  a  Defensive  Information  Warfare  (DIW)  plan  (one  may  recall  occurrences  earlier  in 
the  thesis  when  the  marriage  of  OIW  and  DIW  were  discussed).  This  necessity  is  especially 
important  to  the  United  States  today.  The  U.S.  is  perhaps  the  most  vulnerable  of  any  country  for 
OIW  attacks.  Although  the  protection  is  getting  better,  there  is  still  a  long  way  to  go.  In  the 
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interim,  considerations  for  possible  retaliatory  strikes  must  be  planned  for.  Of  course, 
repercussions  need  not  be  IW  in  nature;  many  conventional  forms  for  revenge  exist,  but  the  U.S. 
is  better  prepared  for  those  kinds  of  situations.  Repercussions  could  also  come  from  allies  or  the 
world  commimity  in  the  case  of  collateral  damage.  Before  executing  any  OIW  plan,  the  U.S. 
must  be  prepared  to  deal  with  any  backlash,  from  whatever  quarter. 

b.  Classification 

Another  item  for  consideration  in  OIW  planning  is  the  classification  level 
involved.  Most  work  within  the  United  States  government  on  Offensive  Information  Warfare  is 
highly  classified.  While  there  are  many  good  reasons  for  such  safeguards,  they  are  also  inhibiting 
to  the  overall  process.  The  case  may  exist  that  not  all  of  the  major  players  in  an  OIW  campaign 
know  what  the  others  are  doing.  This  is  a  dangerous  situation.  The  possible  results  could  be 
an5dhing  from  decreased  overall  efficiency  to  calamitous  collateral  damage.  Some  vehicle  for 
deconfliction  must  be  in  place  to  preclude  such  potential  catastrophes. 

c.  Proportionality 

The  case  may  exist  one  day  when  the  United  States  may  have  to  respond  in  kind 
to  an  OIW  attack.  Before  any  “pre-formatted”  OIW  attack  is  launched  in  retaliation,  care  must 
be  given  to  ensure  the  response  is  of  the  right  proportion  (flitting  back  to  the  legal  aspects  for  a 
moment)  to  prevent  outcry  from  the  international  community.  A  more  difficult  issue  would  be 
determining  a  proportionate  response  to  a  conventional  attack  by  using  an  OIW  tool  or  technique. 
There  is  simply  no  precedent  for  this  type  of  response.  As  a  result,  there  is  no  effective  way  to 
gauge  what  the  proper  response  might  be. 
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d.  Interoperability 

Interoperability  issues  are  also  important  to  OIW  planning.  If  a  portion  of  the  plan 
is  prepared  by  one  system  but  will  be  executed  by  another,  care  must  be  taken  to  ensure  that  the 
two  systems  can  talk  to  one  another.  Also,  the  path  of  the  attack  must  be  examined.  If  the  attack 
vehicle  will  be  passing  through  several  systems  (not  necessarily  controlled  by  friendly  forces), 
planners  must  guarantee  that  such  hand-offs  can  occur  smoothly.  This,  of  course,  requires  even 
more  time  and  knowledge.  While  these  issues  may  appear  to  be  trivial,  they  may  possibly  be 
overlooked  for  just  such  a  reason,  especially  in  light  of  the  myriad  of  other  issues  and 
considerations  that  are  required. 

e.  Coalitions 

A  frnal  consideration  revolves  around  the  current  geopolitical  scene  in  the  world 
today.  Rare  is  the  occasion  when  the  United  States  finds  itself  involved  in  a  world  conflict 
without  some  form  of  alliance  or  coalition.  To  what  extent  will  the  U.S.  coordinate  the  OIW 
portion  of  its  strategic  plan  with  these  allies?  Failure  to  do  so  may  result  in  collateral  damage  to 
the  allied  forces  or  at  least  disapproval  for  being  left  out  of  the  loop.  On  the  other  hand,  too 
much  sharing  may  reveal  too  much  about  the  capabilities  that  the  U.S.  possesses.  After  all, 
today’s  ally  may  be  tomorrow’s  enemy.  This  is  yet  another  tough  issue  that  must  be  resolved. 

This  chapter  has  present  a  series  of  issues  and  considerations  that  must  be  addressed 
when  contemplating  an  Offensive  Information  Warfare  campaign.  While  this  list  of  issues  may 
not  be  all-inclusive,  it  presents  a  clear  picture  of  the  scope  and  complexity  of  the  decisions 
required  prior  to  executing  an  OIW  plan.  Of  course,  an  examination  of  these  issues  is  not  as 
simple  as  going  down  a  checklist.  Many  of  these  issues  overlap  or  interact  with  one  another. 
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The  correct  decision  for  one  issue  may  the  incorrect  one  for  another.  These  are  tough  issues  for 
which  there  are  no  easy  answers.  Yet,  they  must  be  answered,  at  least  to  some  extent,  before 
latmching  an  01 W  attack.  Table  13  below  is  a  review  of  the  issues  discussed  in  this  chapter. 


CATEGORY 

SUBCATEGORY 

ELEMENTS 

Major  Issues 

Political 

N/A 

Legal 

Domestic 

International 

Economics 

N/A 

Moral  and  Ethical 

N/A 

Other  Issues 

Military 

Scope  of  Threats 

Goals  of  Attacking  Force 

Time  line  To  Hostilities 

Mind  set  of  Commanders 

BDI/BDA 

Levels  of  Attacks 

Intelligence  Support 

Collateral  Damage 

Miscellaneous 

Repercussions 

Classification 

Proportionality 

Interoperability 

Coalitions 

Table  13.  Offensive  Information  Warfare  Issues. 
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VIII.  CONCLUSION 


A.  THE  THESIS  IN  REVIEW 

This  journey  into  the  world  of  Information  Warfare  is  now  almost  complete.  A  wide 
variety  of  subjects  have  been  covered.  Roughly  the  first  half  of  this  thesis  focused  on  general 
Information  Warfare  ideas  and  concepts:  definitions,  players,  and  technologies.  The  second  half 
focused  specifically  on  one  side,  Offensive  Information  Warfare.  Some  tools  and  techniques 
were  explored  that  could  then  be  matched  with  the  infrastructure  template  that  was  subsequently 
created.  Finally,  some  tough  issues  surrounding  Offensive  Information  Warfare  were  examined. 
This  final  chapter  is  broken  into  two  parts.  The  first  part  presents  a  brief  review  of  each  chapter. 
The  second  part  shares  some  thoughts  and  concerns  the  author  has  about  Information  Warfare. 

1.  Chapter  I:  Introduction 

Chapter  I  presented  the  background  for  this  thesis.  The  role  of  information  in  warfare 
was  explored,  from  Hannibal  and  the  Mongols  to  World  War  II  and  Desert  Storm.  During 
Operations  Desert  Shield  and  Desert  Storm,  a  new  dimension  of  warfighting  began  to  emerge: 
Information  Warfare.  Based  on  some  thoughts  by  the  Tofflers  about  the  evolution  of  the  world 
towards  information  dependence,  the  Third  Wave  was  bom.  An  example  was  shown  of  how 
warfare  might  look  in  a  totally  Third  Wave  world.  The  discussion  then  reverted  to  the  thoughts 
of  classic  military  thinkers  (e.g..  Sun  Tzu  and  Clausewitz)  and  how  they  might  be  interpreted  in  a 
modem  context.  Other  items,  such  as  the  role  of  technology  in  modem  warfare  and  the 
importance  of  the  cultural  dimension,  were  also  explored.  Next,  the  idea  of  and  need  for  Centers 
of  Gravity  was  introduced.  Based  on  all  of  these  factors,  this  emerging  warfighting  discipline 
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requires  a  paradigm  shift  in  thinking  and,  as  a  result,  new  weapons  and  tactics  are  needed. 
Finally,  the  chapter  concluded  with  a  brief  synopsis  of  the  coming  chapters. 

2.  Chapter  II:  Defining  Information  Warfare 

Chapter  II  focused  on  defining  Information  Warfare.  The  need  for  a  definition  for  the 
purpose  of  speaking  a  common  language  was  explored.  The  majority  of  this  chapter  was  a  series 
of  brief  overviews  of  many  (but  not  all)  different  perspectives  on  Information  Warfare.  Included 
therein  were  definitions  from  national  decision  makers,  the  Department  of  Defense  (including  a 
definition  from  each  of  the  major  services),  the  academic  world,  various  experts  in  the  field  of 
IW,  and  finally,  some  thoughts  from  other,  less-famous  people.  The  goal  was  to  show  how  large 
and  diverse  the  various  definitions  can  be.  From  all  of  these  definitions  were  derived  two  lists: 
things  to  avoid  when  trying  to  define  IW  and  common  realities  from  the  various  definitions.  This 
lead  to  the  discussion  of  Paradigm  F  as  the  context  of  Information  Warfare  for  this  thesis.  This 
set  of  simple  but  powerful  diagrams  is  a  good  compromise  that  was  used  in  lieu  of  any  one  of  the 
multitude  of  definitions  that  exist.  The  chapter  concluded  vvdth  some  comments  about  the 
number  and  breadth  of  definitions  for  Information  Warfare. 

3.  Chapter  III:  Information  Warfare  Organizations 

Chapter  III  was  a  look  at  the  various  players  on  the  Information  Warfare  field.  From  the 
context  of  Paradigm  F,  one  could  conclude  that  anyone  could  be  an  IW  player.  While  this  may 
be  true  to  some  extent,  there  is  not  much  utility  is  saying  that  everyone  is  involved.  The  chapter 
concerned  itself  with  a  brief  look  at  many  of  the  more  important  players.  They  were  categorized 
and  commented  on  in  succession.  Each  segment  included  brief  comments  on  how,  why,  and  to 
what  extent  the  various  players  are  involved.  The  four  major  categories  were:  International, 
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National,  Federal,  and  State  and  Local.  The  most  emphasis  was  placed  on  the  National  and 
Federal  categories.  The  former  included  such  entities  as  academia,  the  media,  industry,  and 
subversive  elements  (i.e.,  hackers).  The  latter  included  such  organizations  as  DOD,  CIA,  the 
Senate,  etc.  Most  of  the  discussion  was  spent  on  the  largest  single  IW  participant:  DOD.  Each 
of  the  services,  the  Joint  Staff,  and  supporting  agencies  (e.g.,  NSA,  DIA,  etc.)  were  all  examined. 
The  chapter  rounded  out  with  a  commentary  on  the  lack  of  coordination  between  the  various 
parties  and  the  lack  of  clear-cut  roles  and  responsibilities  from  the  highest  levels  in  this  country. 

4.  Chapter  IV:  Information  Warfare  and  Technology 

Chapter  IV  was  an  exploration  of  some  of  the  enabling  technologies  for  Information 
Warfare.  The  world  is  undergoing  a  technological  revolution.  Advances  in  technology  are 
becoming  cheaper  and  more  powerful.  This  chapter  presented  a  look  inside  some  of  those 
technologies.  While  they  are  changing  all  of  the  time,  this  chapter  was  a  good  snapshot  of  some 
of  the  technologies  that  Information  Warfare  relies  on.  Four  major  groupings  were  reviewed: 
computers  and  networks  (e.g.,  proliferation  of  computers  and  networks,  Internet  explosion, 
emergence  of  architectures,  etc.),  telecommunications  (e.g.,  conventional  phones,  fiber  optics, 
microwave,  satellites,  cellular,  etc.),  other  pertinent  technologies  (e.g.,  sensors,  security, 
miniaturization),  and  emerging  technologies  (e.g,  FLAG,  cognitive  technologies,  etc.).  The 
chapter  ended  with  a  short  discourse  on  the  power  of  technology  and  a  review  of  its  need  for 
Information  Warfare.  This  concluded  the  first  half  of  the  thesis. 

5.  Chapter  V:  Offensive  Information  Warfare 

The  second  half  of  the  thesis  focused  on  Offensive  Information  Warfare.  The  statement 
was  made  that  no  single  document  could  examine  all  facets  of  Information  Warfare.  As  a  result. 
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the  decision  was  made  to  focus  on  the  offensive  side.  Chapter  V  began  that  exploration.  The 
chapter  was  basically  broken  into  three  parts.  The  first  part  was  the  introduction.  Although 
much  of  the  work  in  the  OIW  realm  is  highly  classified,  the  material  in  this  thesis  was  drawn 
totally  from  unclassified  sources.  A  brief  definition  of  OIW  was  given.  COGs  were  reviewed 
and  targets  sets  discussed.  The  second  part  of  the  chapter  discussed  various  OIW  tools  and 
techniques.  They  were  split  into  four  categories:  traditional  (physical  destruction,  electronic 
warfare,  intelligence  and  information  collection,  and  psychological  operations),  phreaking 
(traditional  and  cellular),  computer  enabled/dependent  (malicious  software  and  hacking),  and 
technology  enabled/  dependent  (chipping,  energy  weapons,  microbes,  and  nano  machines).  The 
final  part  of  the  chapter  dealt  with  considerations  for  OIW.  A  method  of  partitioning  the  attack 
domain  was  presented.  The  bottom  line  of  the  chapter  was  that  the  United  States  could  and 
should  use  Offensive  Information  Warfare. 

6.  Chapter  VI:  The  Infrastrueture  and  Information  Warfare 

The  heart  of  the  deliberation  on  Offensive  Information  Warfare  rested  in  Chapter  VI. 
This  chapter  dealt  with  the  creation  of  an  infrastructure  template  for  using  OIW.  There  were 
essentially  three  sections  in  the  chapter.  The  first  section  explored  the  need  for  something  such 
as  a  template.  The  role  of  COGs  were  explained  in  depth  and  diagrams  were  used  to  present  the 
requirement  for  an  infrastructure  template.  The  second  section  constructed  the  template.  The 
main  categories  were  tangible  and  intangible.  The  tangible  category  was  broken  into  six 
subcategories  which,  in  turn,  were  further  decomposed  as  shown  in  parentheses:  political 
(domestic  and  foreign),  economic  (commerce  and  finance),  industry  (natural  resources, 
agriculture,  manufactured  goods),  essential  services  systems  (telecommunications^  power 
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generation  and  distribution,  water  supplies  and  sewage,  heating  and  cooling,  transportation,  and 
space),  geography  (physical  and  environment),  and  military  forces  (personnel,  doctrine,  and 
systems).  The  intangible  category  consisted  of  three  subcategories:  culture,  interests  and  goals, 
and  history.  Throughout  the  building  of  the  template,  specific  examples  and  scenarios  were 
depicted.  Some  of  the  more  important  elements  of  the  template  (e.g. ,  economics, 
telecommunications,  and  power  generation  and  distribution)  were  defined  in  great  detail.  The 
last  section  of  the  chapter  reviewed  some  commonalities  inherent  in  many  of  the  template 
elements  (e.g,  interaction  of  template  elements,  complexity,  etc.).  The  template  thus  constructed 
could  be  used  by  planners  to  wage  effective  OIW,  when  coupled  with  the  issues  and 
considerations  of  the  following  chapter. 

7.  Chapter  VII:  Offensive  Information  Warfare  Issues 

Chapter  VII  painted  the  last  piece  of  the  Offensive  Information  Warfare  picture.  The 
chapter  dealt  with  many  (but  perhaps  not  all)  issues  and  considerations  surrounding  Offensive 
Information  Warfare.  The  first  part  of  the  chapter  talked  about  the  decision  of  whether  or  not  to 
use  Offensive  Information  Warfare.  This  decision  must  not  be  made  on  the  spur  of  the  moment; 
there  are  many  complicated  and  tough  issues  that  must  be  carefully  weighed  beforehand. 

Guiding  those  decisions  is  the  status  quo  mentality  that  was  succinctly  summarized  in  the 
chapter.  The  second  part  of  the  chapter  tackled  the  major  issues,  of  which  are  four;  political, 
legal  (both  domestic  and  international),  economic,  and  moral  and  ethical.  All  of  these  are  tough 
problems  that  need  to  answered  satisfactorily  before  assent  is  given  to  launch  an  OIW  attack. 

The  final  part  of  the  chapter  looked  at  some  of  the  other  issues  and  considerations  that  must  be 
addressed  when  contemplating  OIW  strikes.  These  were  basically  broken  down  into  two 
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categories:  military  (planning  considerations)  and  miscellaneous  (no  other  convenient  grouping 
available).  The  former  category  consisted  of  seven  elements:  scope  of  threats,  goals  of  attacking 
force,  time  line  to  hostilities,  mind  set  of  commanders,  levels  of  attacks,  intelligence  support,  and 
collateral  damage.  The  latter  category  consisted  of  five  elements:  repercussions,  classification, 
proportionality,  interoperability,  and  coalitions.  The  chapter  concluded  with  some  remarks  about 
the  interaction  of  these  issues;  the  problem  is  much  larger  than  just  going  down  a  checklist.  Still, 
each  and  every  one  of  the  issues  and  considerations  (and  perhaps  others  not  mentioned)  must  be 
judiciously  examined  before  a  decision  is  made  to  employ  OIW.  There  is  really  no  other  way  to 
proceed;  the  price  for  even  a  small  misstep  could  be  disastrous.  The  end  of  this  chapter  marked 
the  end  of  the  exploration  into  Offensive  Information  Warfare. 

B.  RECOMMENDATIONS 

The  goal  of  this  thesis  has  not  been  to  produce  the  “be-all,  end-all”  document  on 
Information  Warfare.  As  stated  repeatedly  throughout  the  thesis,  no  single  examination  could 
possibly  come  close  to  being  all-encompassing.  The  author  does  not  pretend  to  be  an  expert  in 
the  field  of  Information  Warfare.  No  single  person  could  ever  be  an  expert;  the  field  is  just  too 
large  and  too  diverse  to  allow  such  a  specialization.  The  reader  may  disagree  with  any  or  all  of 
the  ideas  presented  here.  As  long  as  at  least  one  thought  was  produced  that  leads  to  some  kind  of 
follow-up  action,  the  author  will  feel  as  if  the  mission  has  been  accomplished.  Many  of  the 
thoughts  and  discussions  contained  in  this  treatise  deal  with  complex  issues.  The  conclusions 
and  recommendations  that  are  reached  in  this  document  are  based  on  the  extensive  research  by 
the  author  and  on  the  author’s  experiences.  This  last  part  of  the  thesis  is  a  series  of 
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recommendations  that  the  author  feels  will  improve  Information  Warfare  as  a  formidable  weapon 
in  the  arsenals  of  the  United  States. 

1.  Education 

First  and  foremost  among  these  recommendations  is  Education.  The  first  step  in  solving 
any  problem  is  being  knowledgeable  about  it.  The  study  of  Information  Warfare  presents  unique 
challenges  in  this  regard.  The  field  is  so  large  and  so  diverse  and  so  complicated  that  trying  to 
educate  oneself  is  far  from  a  trivial  matter.  Many  documents  exist  on  the  subject.  Almost  every 
one  presents  a  different  view.  Therein  lies  part  of  the  problem. 

Also,  the  study  of  Information  Warfare  requires  a  total  mental  adjustment  on  the  part  of 
the  student  (a  paradigm  shift)  in  order  to  be  effective;  otherwise,  that  person  will  never  truly 
understand  the  power  and  potential  of  Information  Warfare.  Perhaps  the  best  way  to  get 
educated  is  to  read  everything  possible.  This  should  help  shape  the  required  fi-ame  of  mind. 
Along  the  way,  the  student  will  begin  to  formulate  a  conceptual  view  of  what  Information 
Warfare  is  and  what  it  can  do.  Education  is  the  first  step  to  success  with  Information  Warfare. 

2.  Definition 

During  the  education  process,  one  is  bound  to  uncover  many  definitions  (approaching 
infinity,  one  may  think  after  wading  through  the  literature).  From  that  plethora  of  paper  and 
electronic  media,  a  synthesized  picture  is  bound  to  emerge.  The  more  diverse  the  education,  the 
better  that  picture  will  be.  This  synthesized  picture  then  becomes  that  person’s  context  for 
Information  Warfare. 

One  of  the  major  problems  in  IW  today  is  that  everyone  wants  their  own  written 
definition.  Unfortunately,  much  of  this  stems  from  squabbles  over  money,  power,  or  prestige 
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(everyone  is  out  to  protect  their  own  “rice  bowl”).  While  this  may  be  a  reality  of  the  system, 
some  kind  of  compromise  must  be  reached.  A  common  ground  must  be  achieved.  The  United 
States  will  never  be  effective  until  every  major  player  is  talking  the  same  language;  that  situation 
does  not  exist  today.  One  definition  needs  to  be  declared  as  the  only  definition.  Only  then  will 
the  debates  cease  and  constructive  work  be  accomplished. 

3.  Organization 

Along  the  same  lines  as  the  definition  argument,  there  are  large  numbers  of  organizations 
that  have  staked  a  claim  to  Information  Warfare  (not  all  of  these  claims  are  necessarily 
legitimate,  of  course).  Unfortunately,  there  is  no  clear-cut  guiding  policy  from  the  highest  levels. 
As  a  consequence,  each  organization  is  proceeding  as  best  as  it  can  in  the  development  of 
Information  Warfare  as  a  tool  for  the  United  States.  The  end  result  is  similar  to  a  dog  chasing  its 
tail;  it  may  think  its  doing  something  great,  but  in  reality  it  is  going  nowhere.  The  time  is  long 
past  when  the  United  States  can  afford  such  misguidance.  Our  adversaries  are  already  embracing 
the  IW  potential.  The  very  real  possibility  exists  that  unless  something  is  done  quickly,  the 
United  States  may  pay  dearly  for  its  floimdering.  The  time  is  ripe  for  someone  to  take  charge, 
issue  the  required  guidance,  and  force  everyone  to  conform.  Although  there  may  be  some 
mumbling,  that  will  quickly  pass,  and  we  will  find  ourselves  well-equipped  to  enter  the 
Information  Warfare  domain  properly  prepared  and  with  full  confidence. 

4.  Technology 

Technology  plays  an  important  role  in  the  development  and  execution  of  Information 
Warfare.  The  rapid  explosion  of  technology  must  be  cultivated  quickly,  in  near-real  time. 
Advances  in  technology  must  be  quickly  leveraged  into  enabling  products  for  Information 
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Warfare.  Traditionally,  the  bureaucratic  process  involved  with  taking  advantage  of  new 
technology  has  been  slow  at  best.  Although  great  strides  have  been  made  recently  along  these 
lines,  more  needs  to  be  done.  The  United  States  needs  to  be  able  to  take  advantage  of  a 
technology  as  soon  as  a  breakthrough  occurs.  Only  then  will  the  U.S.  be  assured  of  at  least 
remaining  on  par  with  potential  adversaries. 

5.  Weapons  and  Tactics 

The  offensive  side  of  Information  Warfare  shows  great  promise.  Although  many  of  the 
specifics  regarding  weapons  and  tactics  are  highly  classified,  thought  can  still  be  put  into  the 
possibilities.  Many  tools  and  techniques  exist  today  in  the  open  world,  many  on  the  Internet. 
While  this  fact  presents  many  concerns  to  those  charged  with  protecting  systems  from  OlW-type 
attacks,  it  also  presents  the  challenge  to  top  those  weapons.  Technology  will  enable  highly 
sophisticated  and  effective  weaponry  to  be  developed.  Of  course,  the  development  of  such, 
weapons  must  be  preceded  by  an  embrace  of  the  Third  Wave  mentality.  Trying  to  think  about 
01 W  weapons  along  conventional  lines  (i.e..  Second  Wave  thinking)  will  result  in  the  creation  of 
very  sophisticated  weapons  that  are  ineffective  in  the  information  society. 

6.  Infrastructure 

The  possibilities  for  the  employment  of  Offensive  Information  Warfare  are  endless.  The 
weapons  are  complex  and  the  targets  are  complex.  Thus,  a  haphazard  attack  plan  will  result  only 
in  the  destruction  of  the  attacking  force  and  perhaps  a  large  part  of  the  world.  OIW  weapons  can 
be  so  powerful  as  to  make  a  nuclear  detonation  pale  in  comparison;  one  needs  only  to  think  of  a 
scenario  where  most  of  the  world’s  economic  markets  are  destroyed  by  malicious  software  to  see 
this  power.  As  a  result,  some  form  of  a  structured  methodology  for  devised  OIW  attacks  is 
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necessary.  An  infrastructure  template  was  the  tool  of  choice  for  this  thesis.  The  author  makes  no 
claim  that  this  template  is  perfect,  but  at  least  it’s  a  start  in  the  right  direction.  This  template  is  a 
good  vehicle  to  present  the  essence  of  Offensive  Information  Warfare:  vast  and  complex  systems 
interacting  with  one  another,  being  attacked  by  highly  sophisticated  and  complex  weapons  in 
short  spans  of  time. 

The  challenge  now  is  to  take  the  template  (or  something  similar)  and  translate  it  into  a 
working  tool,  preferably  an  automated  one.  While  this  may  appear  to  be  an  enormous 
undertaking  (and  it  is),  it  is  also  a  necessary  one.  Even  if  the  first  attempts  falter,  at  least 
something  is  being  done.  Along  the  way,  education  will  occur.  The  final  product  will  be  an 
effective  tool  for  planning  and  executing  Offensive  Information  Warfare. 

7.  Issues 

A  final  recommendation  is  aimed  at  the  debate  over  issues.  The  decision  of  whether  or 
not  to  use  Offensive  Information  Warfare  is  not  easy.  No  one  should  envy  the  person  or  persons 
charged  with  making  those  decisions.  However,  such  decisions  cannot  be  made  off-hand;  that 
would  just  be  inviting  disaster.  The  correct  path  to  making  a  good  decision  is  to  start  with  a 
sound  education  base  on  Information  Warfare,  accompanied  by  the  required  paradigm  shift. 
Included  in  that  education  is  an  intricate  knowledge  of  the  players,  technologies,  weapons, 
tactics,  and  the  multitude  of  planning  considerations.  Only  when  all  of  this  has  been 
accomplished  can  the  decision  maker  make  a  good  decision.  Even  then,  the  decision  made  may 
not  be  the  right  one.  Many  would  argue  that  the  United  States  cannot  afford  to  use  Offensive 
Information  Warfare.  The  argument  might  be  that  the  risks  outweigh  the  possible  gains.  This  is 
most  likely  the  result  of“paradigmslost”(/.e.,  ignorance).  The  world  is  changing.  Warfare  is 
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definitely  changing.  Conflict  in  the  Information  Age  will  be  unlike  anything  seen  in  the  past.  It 
demands  a  new  mentality  to  wage  it  successfully.  One  of  the  characteristics  of  the  shift  to  the 
Third  Wave  is  desensitization  of  human  feelings.  The  United  States  has  always  tried  to  base  its 
major  decisions  on  what  is  “right”.  In  the  Information  Age,  such  things  do  not  exist.  In  order  to 
be  successful,  decision  makers  must  distance  themselves  fi-om  emotion  and  look  at  the  decision 
as  an  efficiency  problem.  This  may  sound  like  a  callous  statement,  and  it  is  in  many  ways.  It  is 
also,  however,  reality. 

This  thesis  has  been  a  voyage  into  the  expansive  and  complex  world  of  Information 
Warfare.  Much  groxmd  was  covered,  fi'om  definitions  and  organizations  to  weapons  and  issues. 
Many  mind-numbing  topics  were  explored.  However,  this  work  is  far  from  complete.  It  has 
merely  been  a  snapshot  in  time.  Information  Warfare  presents  great  potential  that  should  be 
exploited  by  the  United  States.  Much  pain  and  agony  lies  on  the  path  to  success.  However,  the 
journey  is  worth  the  effort.  Besides,  the  Third  Wave  revolution  does  not  leave  us  any  choice. 
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